{"id":5224,"date":"2022-10-13T12:25:03","date_gmt":"2022-10-13T15:25:03","guid":{"rendered":"https:\/\/base4sec.com\/nao-categorizado\/2fa-contornando-101\/"},"modified":"2025-02-25T20:02:38","modified_gmt":"2025-02-25T23:02:38","slug":"2fa-contornando-101","status":"publish","type":"post","link":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/","title":{"rendered":"2FA contornando 101"},"content":{"rendered":"<p>Um m\u00e9todo de seguran\u00e7a que \u00e9 actualmente amplamente utilizado na maioria das aplica\u00e7\u00f5es web e m\u00f3veis \u00e9 o 2FA. Tem-se falado muito sobre o assunto nos dias de hoje, e alguns especialistas come\u00e7am a duvidar da sua efic\u00e1cia na protec\u00e7\u00e3o dos utilizadores finais. Para compreender a seguran\u00e7a deste m\u00e9todo, veremos uma simples demonstra\u00e7\u00e3o de como \u00e9 poss\u00edvel atacar uma conta de aplica\u00e7\u00e3o m\u00f3vel conhecendo apenas um factor de autentica\u00e7\u00e3o, num cen\u00e1rio vulner\u00e1vel criado para o efeito.<\/p>\n<h3 class=\"subt-nota\">Factores de autentica\u00e7\u00e3o<\/h3>\n<p>A autentica\u00e7\u00e3o com dois factores acrescenta uma camada extra de seguran\u00e7a \u00e0 sua conta, ou seja, um passo adicional de login para impedir que outros fa\u00e7am o login mesmo que tenham acesso \u00e0 sua palavra-passe. Ao entrar numa conta online, o n\u00edvel b\u00e1sico de autentica\u00e7\u00e3o requer apenas a palavra-passe de acesso, que \u00e9 o primeiro passo na verifica\u00e7\u00e3o da identidade.<\/p>\n<p>Com 2FA, \u00e9 acrescentada uma informa\u00e7\u00e3o adicional: a segunda camada, que \u00e9 uma informa\u00e7\u00e3o que o utilizador deve fornecer para poder aceder \u00e0 sua conta. Um exemplo t\u00edpico da utiliza\u00e7\u00e3o de 2FA fora da Internet \u00e9 quando se utiliza uma caixa multibanco, onde para funcionar precisamos de algo que se tenha (o seu cart\u00e3o banc\u00e1rio) e algo que se saiba (o PIN). A camada adicional de autentica\u00e7\u00e3o \u00e9 um de tr\u00eas factores b\u00e1sicos: algo que se conhece, algo que se tem e algo que se \u00e9. Abaixo, detalhamos o tipo de informa\u00e7\u00e3o que se enquadra em cada categoria:<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Algo que sabe: Pode ser um c\u00f3digo PIN, as respostas \u00e0s perguntas de seguran\u00e7a e, claro, a sua palavra-passe.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Algo que tem: refere-se normalmente a um objecto f\u00edsico, tal como um dispositivo de seguran\u00e7a (um pequeno dispositivo de hardware) ou um cart\u00e3o de identifica\u00e7\u00e3o. Pode tamb\u00e9m ser um telem\u00f3vel cuja posse pode ser verificada utilizando uma aplica\u00e7\u00e3o especial (como o Google Authenticator, ou um c\u00f3digo SMS).<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li>Algo que \u00e9: Isto engloba dados biom\u00e9tricos e \u00e9 tipicamente o reconhecimento de impress\u00f5es digitais ou facial (como o Touch ID da Apple e Face ID) e o reconhecimento da retina.<\/li>\n<\/ul>\n<div class=\"img-nota7\"><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota17-1.jpeg\" \/><\/div>\n<p>&nbsp;<\/p>\n<h3 class=\"subt-nota\">T\u00e9cnicas para contornar o 2FA<\/h3>\n<p>H\u00e1 uma variedade de t\u00e9cnicas para tentar um ataque contra 2FA, algumas mais f\u00e1ceis do que outras. Aqui est\u00e1 uma lista das principais:<\/p>\n<ul>\n<li>Clickjacking na funcionalidade 2FA Disable Feature<\/li>\n<li>Manipula\u00e7\u00e3o de resposta<\/li>\n<li>Manipula\u00e7\u00e3o do C\u00f3digo de Estado<\/li>\n<li>2FA Reusabilidade do C\u00f3digo<\/li>\n<li>CSRF no 2FA Desactivar Funcionalidade<\/li>\n<li>Abuso do C\u00f3digo de C\u00f3pia de Seguran\u00e7a<\/li>\n<li>Habilitar 2FA N\u00e3o Expira Sess\u00e3o Anterior<\/li>\n<li>2FA Consulte o Bypass de Verifica\u00e7\u00e3o<\/li>\n<li>2 Fugas de c\u00f3digoFA em resposta<\/li>\n<li>An\u00e1lise do ficheiro JS<\/li>\n<li>Falta de Protec\u00e7\u00e3o da For\u00e7a Bruta<\/li>\n<li>Reinicializa\u00e7\u00e3o da palavra-passe\/Mudan\u00e7a de correio electr\u00f3nico &#8211; 2FA Desactivar<\/li>\n<li>Falta Valida\u00e7\u00e3o de Integridade do C\u00f3digo 2FA<\/li>\n<li>Pedido directo<\/li>\n<\/ul>\n<h3 class=\"subt-nota\">Laborat\u00f3rio<\/h3>\n<p>Nesta oportunidade, analisaremos como \u00e9 poss\u00edvel violar um 2FA usando a t\u00e9cnica do 2FA Code Leakage in Response, e mostraremos passo a passo como realizar este tipo de execu\u00e7\u00e3o. Para exemplificar esta vulnerabilidade, descarreg\u00e1mos a aplica\u00e7\u00e3o m\u00f3vel hpAndro 2FA juntamente com BurpSuite. Tendo em conta que conhecemos os utilizadores existentes, podemos tentar entrar no sistema com as credenciais de administrador.<\/p>\n<div class=\"img-nota7\"><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota17-2.jpeg\" \/><\/div>\n<p>&nbsp;<\/p>\n<p>Ao interceptar a rede com BurpSuite, vemos que n\u00e3o tem uma encripta\u00e7\u00e3o forte, permitindo a captura de credenciais em texto simples.<\/p>\n<div class=\"img-nota7\"><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota17-3.jpeg\" \/><\/div>\n<p>&nbsp;<\/p>\n<p>Simultaneamente, exibimos o c\u00f3digo OTP (One-Time Password) para poder iniciar sess\u00e3o como segundo factor de autentica\u00e7\u00e3o.<\/p>\n<div class=\"img-nota7\"><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota17-4.jpeg\" \/><\/div>\n<p>&nbsp;<\/p>\n<p>\u00c0 medida que temos acesso a ambas as formas de autentica\u00e7\u00e3o , procedemos ao in\u00edcio de sess\u00e3o.<\/p>\n<div class=\"img-nota7\"><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota17-5.jpeg\" \/><\/div>\n<p>&nbsp;<\/p>\n<h3 class=\"subt-nota\">Discuss\u00e3o<\/h3>\n<p>Embora este exemplo seja tecnicamente muito b\u00e1sico, permite-nos ver que o 2FA nem sempre \u00e9 um m\u00e9todo totalmente seguro e que tem m\u00faltiplas formas de ser violado, o debate \u00e9 se devemos refor\u00e7ar os factores existentes para a segunda etapa de autentica\u00e7\u00e3o, ou acrescentar um terceiro factor adicional, que \u00e9 o que normalmente chamamos MFA (Multiple Factor Authentication). Continuaremos a explorar estas quest\u00f5es em futuras publica\u00e7\u00f5es.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Um m\u00e9todo de seguran\u00e7a que \u00e9 actualmente amplamente utilizado na maioria das aplica\u00e7\u00f5es web e m\u00f3veis \u00e9 o 2FA. Tem-se falado muito sobre o assunto nos dias de hoje, e alguns especialistas come\u00e7am a duvidar da sua efic\u00e1cia na protec\u00e7\u00e3o dos utilizadores finais. Para compreender a seguran\u00e7a deste m\u00e9todo, veremos uma simples demonstra\u00e7\u00e3o de como [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":4928,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_wpcom_ai_launchpad_first_post":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[260],"tags":[],"class_list":["post-5224","post","type-post","status-publish","format-standard","has-post-thumbnail","category-technical-pt-br"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.9 (Yoast SEO v27.9) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>2FA contornando 101 - BASE4 Security<\/title>\n<meta name=\"description\" content=\"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"2FA contornando 101\" \/>\n<meta property=\"og:description\" content=\"An\u00e1lisis t\u00e9cnico y estrategia de ciberseguridad por el equipo de BASE4 Security. Insights sobre CyberSOC, Red Team, GRC y Zero Trust para LATAM y Espa\u00f1a.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/\" \/>\n<meta property=\"og:site_name\" content=\"BASE4 Security\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-13T15:25:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-25T23:02:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Base4 Security Research\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Base4 Security Research\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/\"},\"author\":{\"name\":\"Base4 Security Research\",\"@id\":\"\\\/#\\\/schema\\\/person\\\/5905e7398728c03dbec3772861bd4f99\"},\"headline\":\"2FA contornando 101\",\"datePublished\":\"2022-10-13T15:25:03+00:00\",\"dateModified\":\"2025-02-25T23:02:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/\"},\"wordCount\":700,\"commentCount\":0,\"publisher\":{\"@id\":\"\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_17.png\",\"articleSection\":[\"Technical\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/\",\"url\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/\",\"name\":\"2FA contornando 101 - BASE4 Security\",\"isPartOf\":{\"@id\":\"\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_17.png\",\"datePublished\":\"2022-10-13T15:25:03+00:00\",\"dateModified\":\"2025-02-25T23:02:38+00:00\",\"description\":\"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#primaryimage\",\"url\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_17.png\",\"contentUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_17.png\",\"width\":600,\"height\":600,\"caption\":\"Por: Mauricio Orellana (Cybersecurity Researcher)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/2fa-contornando-101\\\/2022\\\/10\\\/13\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Inicio\",\"item\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"2FA contornando 101\"}]},{\"@type\":\"WebSite\",\"@id\":\"\\\/#website\",\"url\":\"\\\/\",\"name\":\"BASE4 Security\",\"description\":\"Your cyber ally\",\"publisher\":{\"@id\":\"\\\/#organization\"},\"alternateName\":\"B4\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"\\\/#organization\",\"name\":\"BASE4 Security\",\"url\":\"\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Logo_policromo_negativo.png\",\"contentUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Logo_policromo_negativo.png\",\"width\":372,\"height\":227,\"caption\":\"BASE4 Security\"},\"image\":{\"@id\":\"\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/base4-security\"],\"description\":\"BASE4 Security es una consultora de ciberseguridad B2B con prop\u00f3sito, fundada en Argentina y con operaciones en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Ofrece servicios de CyberSOC, Red Team, GRC, Identity Security, Cloud Security y Application Security para empresas en SOLA y NOLA.\",\"email\":\"info@base4sec.com\",\"telephone\":\"02262653623\",\"legalName\":\"BASE4 Security\",\"foundingDate\":\"2008-01-16\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"51\",\"maxValue\":\"200\"}},{\"@type\":\"Person\",\"@id\":\"\\\/#\\\/schema\\\/person\\\/5905e7398728c03dbec3772861bd4f99\",\"name\":\"Base4 Security Research\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g\",\"caption\":\"Base4 Security Research\"},\"url\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/author\\\/cliteplo\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"2FA contornando 101 - BASE4 Security","description":"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/","og_locale":"pt_BR","og_type":"article","og_title":"2FA contornando 101","og_description":"An\u00e1lisis t\u00e9cnico y estrategia de ciberseguridad por el equipo de BASE4 Security. Insights sobre CyberSOC, Red Team, GRC y Zero Trust para LATAM y Espa\u00f1a.","og_url":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/","og_site_name":"BASE4 Security","article_published_time":"2022-10-13T15:25:03+00:00","article_modified_time":"2025-02-25T23:02:38+00:00","og_image":[{"width":600,"height":600,"url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png","type":"image\/png"}],"author":"Base4 Security Research","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"Base4 Security Research","Est. tempo de leitura":"3 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#article","isPartOf":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/"},"author":{"name":"Base4 Security Research","@id":"\/#\/schema\/person\/5905e7398728c03dbec3772861bd4f99"},"headline":"2FA contornando 101","datePublished":"2022-10-13T15:25:03+00:00","dateModified":"2025-02-25T23:02:38+00:00","mainEntityOfPage":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/"},"wordCount":700,"commentCount":0,"publisher":{"@id":"\/#organization"},"image":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#primaryimage"},"thumbnailUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png","articleSection":["Technical"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/","url":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/","name":"2FA contornando 101 - BASE4 Security","isPartOf":{"@id":"\/#website"},"primaryImageOfPage":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#primaryimage"},"image":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#primaryimage"},"thumbnailUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png","datePublished":"2022-10-13T15:25:03+00:00","dateModified":"2025-02-25T23:02:38+00:00","description":"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.","breadcrumb":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#primaryimage","url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png","contentUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png","width":600,"height":600,"caption":"Por: Mauricio Orellana (Cybersecurity Researcher)"},{"@type":"BreadcrumbList","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/2fa-contornando-101\/2022\/10\/13\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Inicio","item":"https:\/\/base4sec.com\/pt-br\/"},{"@type":"ListItem","position":2,"name":"2FA contornando 101"}]},{"@type":"WebSite","@id":"\/#website","url":"\/","name":"BASE4 Security","description":"Your cyber ally","publisher":{"@id":"\/#organization"},"alternateName":"B4","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"\/#organization","name":"BASE4 Security","url":"\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"\/#\/schema\/logo\/image\/","url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/10\/Logo_policromo_negativo.png","contentUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/10\/Logo_policromo_negativo.png","width":372,"height":227,"caption":"BASE4 Security"},"image":{"@id":"\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/base4-security"],"description":"BASE4 Security es una consultora de ciberseguridad B2B con prop\u00f3sito, fundada en Argentina y con operaciones en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Ofrece servicios de CyberSOC, Red Team, GRC, Identity Security, Cloud Security y Application Security para empresas en SOLA y NOLA.","email":"info@base4sec.com","telephone":"02262653623","legalName":"BASE4 Security","foundingDate":"2008-01-16","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"51","maxValue":"200"}},{"@type":"Person","@id":"\/#\/schema\/person\/5905e7398728c03dbec3772861bd4f99","name":"Base4 Security Research","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g","caption":"Base4 Security Research"},"url":"https:\/\/base4sec.com\/pt-br\/author\/cliteplo\/"}]}},"jetpack_featured_media_url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_17.png","_links":{"self":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts\/5224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/comments?post=5224"}],"version-history":[{"count":1,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts\/5224\/revisions"}],"predecessor-version":[{"id":6108,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts\/5224\/revisions\/6108"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/media\/4928"}],"wp:attachment":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/media?parent=5224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/categories?post=5224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/tags?post=5224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}