FA (belatedly) says OK to 2FA
A spate of account takeover hacks has prompted the English Premier League to promise to introduce two-factor authentication (2FA) controls to its official Fantasy Premier League game (FPL) from next season.
FPL has more than eight million players, who sign up with a standard email address and password, although 2FA is not offered as an option.
A wave of hacks this season has seen attackers seemingly targeting successful teams ranked in the top 100,000.
The precise number of account takeover attempts is unclear, but simply searching for the term ‘hack’ on FantasyPL Reddit shows many people are claiming to have been affected, and the problem is far from isolated.
In some cases, accounts have been deleted and many victims have struggled or failed to get back lost fantasy football league points.
The FPL game is free to enter and the chances of winning a prize, such as a trip to see a football game or Premier League merchandise, is slim to none.
Nonetheless,…
Read Full Story: https://portswigger.net/daily-swig/fantasy-premier-league-account-hack-surge-prompts-plans-to-introduce-extra-login-checks-for-football-fans
