Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
alyssenko
on Feb 24, 2017
|
parent
|
context
|
favorite
| on:
List of Sites Affected by Cloudflare's HTTPS Traff...
coinbase is certainly one of the most concerning on that list- however they also support 2 factor authentication.
tedd4u
on Feb 24, 2017
[–]
If you captured the right cookies though, you wouldn't need to log in with a password and be subject to OTP. That's why this is so problematic. Caveat: I haven't actually checked the details of Coinbase's session/security tokens.
alyssenko
on Feb 24, 2017
|
parent
[–]
This is true- but I'd assume all of these sites have flushed their session/cookie data by now.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
