Two-factor authentication

Posted Sep 3, 2011 11:00 UTC (Sat) by Cato (guest, #7643)
In reply to: Two-factor authentication by job
Parent article: kernel.org compromised

I found this from 2 years ago - replay attack due to a bug in the Yubico authentication server, since fixed by Yubico: http://www.grennan.com/?p=113

It's up to the authentication server to do the right checks, so perhaps some authentication servers have bugs.

I'd like to see more on this claimed replay attack, too.