1
96%
master: 96%

Ran 20 May 2014 08:27PM UTC

Files 26

Run time 12s

Badge

Embed ▾

Committed 20 May 2014 08:24PM UTC coverage: 96.766% (+0.06%) from 96.711%

Job # DJANGO=1.4 COVERAGE=YES

Build Type

push

travis-ci

Committed by

Bouke

Commit Message

Fixed #54 -- Mitigate voicemail hack

See also [this blogpost][1] which uses the victim's voicemail
service to access OTP tokens. When the call goes to voicemail, the
tokens can be access through a vulnerable voicemail service (e.g.
requiring no PIN). Then the attacker will have access to the tokens
and is able to login. When requiring interaction (e.g. pressing a
button), this type of attack can be disarmed. Major services like
Google and Yahoo are still vulnerable to this type of attack.

[1]: http://shubh.am/how-i-bypassed-2-factor-authentication-on-google-yahoo-linkedin-and-many-others/

Run Details

748 of 773 relevant lines covered (96.77%)

0.97 hits per line

Bouke / django-two-factor-auth / 213 / 1
96%
master: 96%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 213.1 (DJANGO=1.4 COVERAGE=YES)

Bouke / django-two-factor-auth / 213 / 1 96% master: 96%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 213.1 (DJANGO=1.4 COVERAGE=YES)

Bouke / django-two-factor-auth / 213 / 1
96%
master: 96%

README BADGES
x