A server-room lock using two-factor authentication (ID card + 4-digit PIN) was found to have a critical flaw during a security audit: the door would unlock if someone pressed the keypad buttons without swiping a card. This meant attackers could completely bypass both authentication factors through simple trial-and-error, allowing unauthorized access to production infrastructure.
Infrastructure
Server-room lock was nothing but a crock
Server-room 2FA lock had a critical failure—the keypad alone could unlock the door without requiring the ID card swipe or PIN, rendering both authentication factors completely bypassable.
Thursday, April 16, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline
Tags
infrastructure