Zero-Day Vulnerability in Passwordless Login Method Could Pose Risks to Global Economy
It is reported that Dfns, a startup of encrypted wallets, said that there are serious vulnerabilities in the passwordless login method Magic Links used by more…
It is reported that Dfns, a startup of encrypted wallets, said that there are serious vulnerabilities in the passwordless login method Magic Links used by more and more encrypted wallets and network applications. Dfns said in a statement that the vulnerability could “pose a considerable risk to a large part of the global economy. The affected services said that they had hardly received any notice before Dfns published a blog article detailing the so-called zero-day vulnerability.
Encryption wallet company Dfns: “Magic Links” has a serious vulnerability
Interpretation of the news:
Dfns, a startup that provides encrypted wallets, recently reported on a significant vulnerability in the passwordless login method used in Magic Links that many encrypted wallets and network applications rely on. The zero-day vulnerability reveals serious security flaws in the system, which could pose a significant risk to a large part of the global economy.
According to Dfns, the affected services were hardly notified before they published a blog article detailing the vulnerabilities in the Magic Links login method. The issue of a lack of notice raises concerns because many users and organizations put their faith in these services, trusting them with highly personal data, assets, and information. With the information from Dfns starting to circulate around the crypto industry, authorities are now giving it close attention.
Given the critical role Magic Links plays in the encryption and security of wallets, Dfns has raised the alarm on this matter. Magic Links are used to facilitate passwordless logins to wallets and other network applications, making it easier for users to access their accounts without the need to remember complex passwords. However, the implementation and reliance on Magic Links are no longer sufficient to guarantee secure and foolproof access, as demonstrated by the zero-day vulnerability.
With so many people relying on these services as a way of safely storing and securing their digital currency and assets, the zero-day vulnerability is especially concerning. If exploited, it could have severe consequences and could result in significant losses for individuals and businesses, possibly even leading to the collapse of cryptocurrency exchanges.
In conclusion, the zero-day vulnerability in the Magic Links passwordless login method is an alarm call for both the identity management industry and crypto exchanges. The responsible disclosure of the vulnerability by Dfns provides a window of opportunity for the affected services to patch the vulnerability and take adequate measures to tighten their security postures. Moreover, businesses and individuals who use these encrypted wallets and Magic Links need to be more cautious about their data and assets’ protection, selecting reliable service providers and complying with their recommended security protocols.
This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/3115/
It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.
Recommended articles
-
Coinbase Suspends BUSD Trading: A Move Done Out of Liquidity Concerns
According to reports, Brian Armstrong, CEO of Coinbase, said on Wednesday that the decision of the Exchange to suspend BUSD trading was due to liquidity concerns. Armstrong said: “The reason we did this is that the issuer of BUSD, Paxos, has been ordered to stop casting it, so we are worried about the liquidity of customers.”. Coinbase CEO: The decision to remove BUSD from the shelf is based on the concern about liquidity Analysis based on this information:Coinbase, one of the leading cryptocurrency exchanges in the world, announced on Wednesday that it had suspended trading for the stablecoin BUSD. Brian Armstrong, the CEO of Coinbase, justified the move by citing concerns over liquidity. He explained that the reason behind this decision was Paxos, the issuer of BUSD, has been ordered to stop casting it. Hence, there is a potential risk regarding the liquidity of Coinbase’s customers, which could be harmful to the overall experience. The suspension of BUSD trading occurred…
-
7:00-12:00: A Recap of Today’s Big News in Tech and Finance
7: 00-12:00 Keywords: Coinbase, Twitter downsizing, Starbucks NFT, Bank of England
Summary of important updates during the afternoon on April 18th
In this article, we will take a l -
The US House of Representatives Passes Bill to Raise Debt Ceiling by $1.5 Trillion
According to reports, the US House of Representatives has passed a bill to raise the debt ceiling by $1.5 trillion. (Watcher.Guru)
The US House of Representatives has passed a bill -
Table of Contents
According to reports, BlockTower Capital, a digital asset investment company headquartered in Miami, announced the closure of its \”market neutral\” cryptocurrency fund, which once m
-
Twitter CEO Elon Musk Plans to Step Down by the End of 2023
On February 15, local time, Twitter CEO Musk said at the Dubai World Government Summit via video link that he planned to step down as Twitter CEO by the end of…
-
What does mining in blockchain mean
What does mining mean in blockchain? Mining is a digital currency that performs calculations on the network, also known as encrypted assets. It is considered to be one of the oldest concepts in the computer field, but with the increasing use of decentralized Cryptocurrency such as Bitcoin, its value is also rising; From another perspective, blockchain solves this problem through mining, providing new ideas and approaches for the development of the industry So, what exactly is mining? Simply put, storing data on a secure, transparent, and traceable network. If we place the data of the entire network on a ledger or a node, we can verify the transaction and confirm whether it is legal and its authenticity. So in such a situation, a large amount of computing power is required to ensure the security of the system Therefore, during the mining process, it is necessary to mine these data to avoid unnecessary or unpredictable situations. For ordinary users, in addition…
-
Why Can’t We Get Bitcoin (Why is Bitcoin Banned)
Why can\’t we get Bitcoin? We all know that when you are investing, the first thi
-
Bitcoin Financial Service Provider Unchained Nets $60 Million in Latest Investment Round
According to reports, Bitcoin financial service provider Unchained announced the completion of a $60 million B-round financing, with Valor Equity Partners leading the investment an
-
ProDigital Future Fund Plans to Raise $100 Million to Invest in Digital Asset Startups
On March 30, it was announced that a Hong Kong fund named \”ProDigital Future Fund\” plans to raise $100 million this year to invest in digital asset startups, and has received a com
-
Evan Cheng Confirms Plans to Explore Web3 Venture Fund
According to reports, Evan Cheng, co-founder and CEO of Mysten Labs, confirmed on The Scoop Podcast that he was exploring a web3 venture fund. Evan Cheng said …
-
Bank of Japan Plans to Review Its Policies: What Does It Mean?
On April 24th, it was announced that the Bank of Japan plans to review the policies it has adopted over the past few decades. Under the leadership of the new governor, Shigeru Ishi
-
What is Namecoin (Why is it so slow)?
What is Namecoin? What is Namecoin?Namecoin is a decentralized storage protocol
-
Ether POAP OG NFT Series Flooring: A Deep Dive into Its Price Decrease
On April 9th, according to Blur data, the price of the Ether POAP OG NFT series flooring decreased by 65.82% on the 7th, with a current price of 0.649 ETH and a transaction volume
-
What is the meaning of bitcoinget?
What does bitcoinget mean? According to official sources, bitcoinget is Bitcoin
-
Court rules that SBF’s co-signer names must be disclosed
It is reported that after SBF did not apply to the Court of Appeal, a federal judge ruled that the names of the co-signers of the bonds of Sam Bankman-Frie (SB…
-
Merlin: Suggest users to revoke the two permissions of the wallet on their official website
On April 26th, zkSync Ecological DEX Merlin announced that it is analyzing protocol vulnerabilities and reminding users to revoke Wallet\’s access and signature permissions on their