How Hackers Bypassed Google’s 2-Step Authentication

How Hackers Bypassed Google’s 2-Step Authentication

When it comes to keeping your passwords, and the associated accounts, safe, there are many factors to consider. Not choosing obvious passwords such as family names or favourite things, and by including numbers and symbols all help to secure them from being hacked. But one method which has been adopted by many websites and services is the option of two-step verification. By essentially incorporating two steps to access your account will ensure hackers have a very difficult time in breaking in. But even this isn’t 100% secure. How hackers bypassed Google’s 2-step authentication…. Let see how gmail 2 step verification android or google 2 step verification ipad can be bypassed.

Along with the website Wordpress and many others, Google introduced 2-step verification into their email service Gmail to help protect their users. . When you enable 2-Step Verification which is also known as two-factor authentication, you add an extra layer of security to your account. You sign in with something you know (indeed your password) and the equipment you use (a code sent to your mobile phone). Usually with having to provide your mobile phone number, this code is required to authenticate access to an account from a computer, location or device not previously associated with the account. But as designer Grant Blakeman unfortunately found out, 2-step authentication is not entirely secure. His own Instagram account was compromised via his Gmail account. Hackers had somehow changed his mobile phone number to their own, so the 2-step authentication code was sent to them. Once they obtained the code, they could easily access the account. Blakeman has since investigated the breach and has restored control over his accounts.

But the worrying problem remains; the 2-step authentication process was supposed to safeguard your accounts stronger than ever. But instead it merely presented a new barrier for hackers to overcome. This serves a stark reminder that no matter what steps we take to protect our data and our accounts, no one way is an attack-proof safety net over our accounts. Regularly changing passwords, not having duplicate passwords for multiple accounts and making sure our internet connection is secure are just a few steps to take in ensuring our data remains safe.

Indeed, many more companies offer some form of two-factor authentication than did two or three years ago. But the consumer adoption of this core security feature is still poor. Wordpress 2 step verification has been also used for long. For instance, Dropbox head of security commented that less than one percent of its user’s base of 500 million registered users had chosen to turn on 2-factor authentication for their accounts.

Google recently went a step further than the two-step verification, by starting a new push authentication system that generates a prompt on the user’s mobile device that users need to tap to approve login requests. This is very similar to another push-based two-factor system from Duo Security. Companies are trying to invent new security systems but are slow to evolve compared to cybercriminal experts.

How hackers bypassed Google’s 2-step authentication is just one such reminder that everyone needs to take as many steps as possible in protecting themselves online. Le VPN provides just one more layer of protection by allowing users to browse anonymously online as well as creating a secure, encrypted connection to the internet from wherever you connect from, on whatever device you use.

Our VPN service encrypts your Internet connection through a complex system, using the AES-256 algorithm. This coding makes it impossible for anyone to interact with your personal data, even if your connection has been intercepted or compromised when using an unsecured Wi-Fi. So each data you will send will go directly into your secure virtual tunnel. With a VPN, you can easily direct your traffic by choosing a server in one of the 120+ available countries. Thus, you will use the best VPN service available for a secure Internet connection from your tablet or smartphone.



GET 3 YEARS FOR $79.99




Easy To Use

30-Day Money Back

Friendly Support

Bitcoin Accepted

Ultra High Speeds

Comments (18)

  • vikash

    I am sing in a account but it need 2 verification code I don’t have code how I am sing a account


    your comment…OK
    a gmail password hack

  • archit

    i lost my sim .how to signin my account without 2 step verification code

    • Rohit

      Same problem. I have..

  • eugine

    i lost my sim .how to signin my account without 2 step verification code

  • úc royal

    tui bị mất đt vs sim luôn rr nên k có code authenticator

    • Likesh

      My accounis hack

  • Michael

    Just like some servers logging in from the web offer two-step auth, Google’s two-step auth today is very secure. According to a few security experts I’ve spoken to, the only way they can change your phone number or access your account and change all other info is by stealing your phone or reading the SIM-text that gets sent from the cellphone tower from a car outside your home using what is called a ‘sniffer’. But with the new Google Authenticator app, this is the most secure two-step auth and cannot be sniffed.

    Try Google Authenticator. It works great for me and I have never had my different accounts compromised since I began using it. It even works with some servers that are not Google.

  • Michael

    If you have lost your SIM card, and this happens to all of us at least once, contact your cell phone provider. For example, my SIM card company is seperate from my phone company and I just let them know with a phonecall or chat and they immediately send me a new one, disabling the 1st one.

  • Davin Martin


    This is really good and it’s also helpful, Thanks for sharing this type of Information.

  • Damodar Singh Shakya

    My old gmail account lock by 2-step verification code but I done sign up but I need 2-step verification code please help me

  • Thenuk

    My sim is lost how to get it back please help me

  • Eve Hunt

    I am constantly searching online for ideas that can facilitate me. Thanks!


    My Gmail account hacked through LinkedIn. Hackers hack my all PW through LinkedIn what should I do

  • Apurba gogoi

    I enabled two step verification in my accounts but how my phone hacked…

  • Jose lopez

    I have the same problem here what can I do. I need my contacts. Please help me!!!!

  • Sultan

    I lost my phone that’s why I didn’t get a code

  • Prince

    I lost my 2-steps verification code

Leave Comment