• Resolved bakumeraman

    (@bakumeraman)


    We keep a log history on our WordPress site and we changed all our passwords recently. We use the free version of this plug-in and admin users have been set to authenticate with 2FA.

    Surprisingly, the “Simple History” plug-in we use warns of several successful log-ins of 2FA configured accounts, whose IP comes from foreign countries. We suspect the passwords to have been stolen.

    My question is: can someone bypass 2FA ?

    Note: I have tried this:
    -entering login info on login screen
    -the plugin asks for a 2FA password
    -quit the page without validating
    -I appear on the history as logged in. (My optimistic guess is that the “Simple History” plugin ignores the 2FA plugin)

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor robertabela

    (@robert681)

    Thank you for trying our plugin @bakumeraman

    The short answer is no, hackers cannot bypass 2FA and are not bypassing 2FA on your website. Below is an explanation on why Simple History is showing you that a user has logged in, which by the way, can be misleading.

    When you have 2FA set up:

    1. The user is asked for a username and password
    2. Once the user submits these correctly, the user has been authenticated.
    3. At this stage the user is not logged in and does not have access to the dashboard / authenticated pages, but since the user is authenticated Simple History is recording a log in.
    4. The user has to provide the second authentication factor (one-time code) to log in.

    So in your case, someone has definitely guessed the username and password of a user, but they are not able to log in to the website. I would recommend you to change the password anyway, even though they cannot log in.

    I hope the above helps. Please let us know if you need any additional information.
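
One way to triage the log entries described in the reply above, as an added example that is not part of the original thread or of either plugin's code: pair each "password accepted" entry with a completed second factor, and treat the unpaired ones as accounts whose password is known to someone else. The event names `password_ok` and `2fa_ok`, the existence of a log record for the completed second factor, and the sample events are all assumptions constructed for illustration.

```python
# Constructed sample events (timestamp, user, source IP, event kind).
# "password_ok" is what an audit log records at step 2 of the flow above;
# "2fa_ok" is an assumed record written when the one-time code is accepted.
EVENTS = [
    ("2024-05-01T08:00:00", "alice", "203.0.113.7",  "password_ok"),
    ("2024-05-01T08:00:25", "alice", "203.0.113.7",  "2fa_ok"),
    ("2024-05-01T09:14:02", "bob",   "198.51.100.9", "password_ok"),
    ("2024-05-01T09:20:40", "bob",   "198.51.100.9", "password_ok"),
    ("2024-05-01T11:30:00", "carol", "192.0.2.44",   "password_ok"),
    ("2024-05-01T11:31:10", "carol", "192.0.2.44",   "2fa_ok"),
]


def classify(events):
    """Split password_ok events into (completed, stalled).

    completed: the same user and IP later passed the second factor.
    stalled:   the flow stopped at the password step, so no session was
               created, but the password itself is known to the client.
    """
    pending = {}                  # (user, ip) -> time of unanswered password_ok
    completed, stalled = [], []
    # ISO-8601 timestamps in one format sort chronologically as strings.
    for ts, user, ip, kind in sorted(events):
        key = (user, ip)
        if kind == "password_ok":
            if key in pending:    # earlier challenge was abandoned
                stalled.append((user, ip, pending[key]))
            pending[key] = ts
        elif kind == "2fa_ok" and key in pending:
            completed.append((user, ip, pending.pop(key)))
    stalled.extend((u, i, t) for (u, i), t in pending.items())
    return completed, sorted(stalled, key=lambda e: e[2])


def accounts_to_rotate(events):
    """Users whose password was accepted at least once with no second factor."""
    return sorted({user for user, _, _ in classify(events)[1]})


if __name__ == "__main__":
    for user, ip, ts in classify(EVENTS)[1]:
        print(f"password accepted, 2FA never completed: {user} from {ip} at {ts}")
    print("rotate passwords for:", accounts_to_rotate(EVENTS))
```
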

    Thread Starter bakumeraman

    (@bakumeraman)

    Thanks, you confirm what I thought. Our website currently lets every hacker go by.

    Plugin Contributor robertabela

    (@robert681)

    You’re welcome. Should you have any more questions do not hesitate to ask.

    By the way, please spare a minute and rate our plugin and service. These ratings are really helpful.

    Thank you and have a great day.


The topic ‘Could hackers bypass 2FA ?’ is closed to new replies.