Lance Peterman

IAM Strategy & Platform Lead; Merck
Lance Peterman is the Identity & Access Management Strategy and Platform Lead at Merck. With more than 24 years of experience working in various sectors of the technology industry, Lance’s current focus has been in specialized areas of information security, including identity and access management, risk management, cybersecurity and mobility. Lance is also a member of the adjunct faculty at the University of North Carolina – Charlotte, teaching software architecture and design. He is a founding member of IDPro and currently serving on its board of directors. Active credentials include CISSP and PMP.

Lance's Session


Thursday, June 27
5:00 - 5:25 pm
Georgetown
Modlishka – Is a Mantis Eating 2FA’s Lunch?
In the past year a handful of researchers have released tools that can directly attack SMS & OTP methods of Two-Factor Authentication (2FA). This has led many in the media to declare 2FA either broken or in decline. Are they right? Let’s explore the current threats, review the full spectrum of 2FA capabilities, and look at methods of defending against these 2FA attacks. In January this year, a Polish security researcher released a toolkit(Modlishka, which translates somewhat to Mantis) that can automate attacks against websites that use either SMS or OTP base two-factor authentication (2FA). While this is certainly bad news, because the internet is always calm and collected, collectively it decided that 2FA as an entire category was under assault and likely to fail. Are they right? In this talk, let’s review the current 2FA threat landscape, how we can respond to those threats, and we’ll finally review the current (and future?) state of 2FA.

Enter your details to receive email updates from Identiverse