Locked out of your account? No problem according to this security researcher.
Tripwire Explains:
A researcher developed a method to bypass the two-step verification (2SV) account security measure for PayPal in four easy steps.
Like most other web services, PayPal provides users with the option to enable two-step verification (2SV) on their accounts. 2SV is a feature through which a web service sends users a one-time SMS code to a verified mobile phone whenever they attempt to log in to their account with their username and password. Users require cell service to receive that code. Without a signal, they can’t receive a code sent to their mobile phone, which means he they can’t log into their account through the standard method of 2SV.
That’s exactly what happened to security consultant Henry Hoggard, who developed the proof of concept bypass when he was at a hotel and discovered he had no cell service.
