kpwn, If not secured properly, one-time passwords are a lot more likely to be guessed than you think!
Ever since I've learned that #Keycloak's default configuration does not prevent #OTP brute-forcing, I wanted to discuss the topic in detail and raise awareness.
Enjoy reading! 👇
#Infosec #CyberSecurity #BugBounty #Pentesting #Hacking #AppSec