Product Communities
Sign In Register

Session killer for websites (NOT for lastpass sessions)

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Getting started | Community guidelines

Session killer for websites (NOT for lastpass sessions)

0 Kudos

Session killer for websites (NOT for lastpass sessions)

Status: New Submitted by on ‎10-06-2020 12:07 PM
1 Comment (1 New)

Today I witnessed a demo of how a phishing attack can capture the MFA tokens from a phishing-site-masquerading as an actual site and produce an account compromise.

The attacker can steal the MFA creds and log into your session on O365 or others.

The only way to prevent this is to detect & block additional sessions once an actual session is established.

Again, I see that LastPass itself does this, but i am referring to ALL the sites user use.

See more ideas labeled with:
1 Comment
Logic
Active Contributor
‎10-15-2020 02:41 PM
‎10-15-2020 02:41 PM

MFA? Oh, Multi-Factor Authentication.  Office365?
Why post here?  This doesn't sound like a lastpass feature suggestion.

About Us
Terms of Service
NEW Privacy Policy
Trademark
© 2023 LogMeIn, Inc. All Rights Reserved