Forgive the naive question, but would 2FA completely mitigate this attack, assuming that the org trying to access a key vault did not have access to the 2FA device?
No. This article describes an attack where the user has already gained access to the encrypted database, which assumes they have already subverted 2FA.
xxkylexx|8 years ago
tomtoise|8 years ago
Doesn't this hark back to "If the attacker has local access, it's already game over"?