13
96%
master: 96%

Ran 20 May 2014 08:36PM UTC

Files 26

Run time 11s

Badge

Embed ▾

Committed 20 May 2014 08:24PM UTC coverage: 94.825% (+0.09%) from 94.737%

Job # DJANGO=1.7b3 COVERAGE=YES

Build Type

push

travis-ci

Committed by

Bouke

Commit Message

Fixed #54 -- Mitigate voicemail hack

See also [this blogpost][1] which uses the victim's voicemail
service to access OTP tokens. When the call goes to voicemail, the
tokens can be access through a vulnerable voicemail service (e.g.
requiring no PIN). Then the attacker will have access to the tokens
and is able to login. When requiring interaction (e.g. pressing a
button), this type of attack can be disarmed. Major services like
Google and Yahoo are still vulnerable to this type of attack.

[1]: http://shubh.am/how-i-bypassed-2-factor-authentication-on-google-yahoo-linkedin-and-many-others/

Run Details

733 of 773 relevant lines covered (94.83%)

0.95 hits per line

Bouke / django-two-factor-auth / 213 / 13
96%
master: 96%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 213.13 (DJANGO=1.7b3 COVERAGE=YES)

Bouke / django-two-factor-auth / 213 / 13 96% master: 96%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 213.13 (DJANGO=1.7b3 COVERAGE=YES)

Bouke / django-two-factor-auth / 213 / 13
96%
master: 96%

README BADGES
x