Google Proposes Method for Stopping Multifactor Runaround
Device Bound Session Credentials Tie Authentication Cookies to Specific ComputersGoogle is prototyping a method to stymie hackers who get around multifactor security by stealing authentication cookies from desktops. Google says its proposal for cryptographically tying authentication tokens to computers will succeed where previous attempts such as Token Binding failed.