Resetting Your Password Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device

<div>Password reset via brute-force attack to SMS authentication code: code0000 is a SMS authentication code whose value is 0000 and codeNNNN is an instance of all possible SMS authentication code whose value ranges from 0000 to 9999.</div>

Wireless Communications and Mobile Computing

fig1

Figure 1

Figure 1: Resetting Your Password Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device 