kpwn, 9 months ago

If not secured properly, one-time passwords are a lot more likely to be guessed than you think!

Ever since I've learned that #Keycloak's default configuration does not prevent #OTP brute-forcing, I wanted to discuss the topic in detail and raise awareness.

Enjoy reading! 👇

#Infosec #CyberSecurity #BugBounty #Pentesting #Hacking #AppSec

https://infosec.exchange/@kpwn/110600013869408508