#564: Hackers can bypass Your MFA In 2026 (And How To Stop It)

Mar 23, 2026

Rob Allen, Senior ThreatLocker rep and cybersecurity expert, explains why SMS MFA and reused passwords are risky. He outlines how attackers use reverse-proxy cookie theft and SIM swapping to bypass protections. The conversation covers authenticator apps, hardware keys, zero trust cloud access, proxying Office 365 traffic, and locking down internal networks with deny-by-default approaches.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Use Multi-Factor Authentication Everywhere

Use multi-factor authentication because reused or leaked passwords alone let attackers access accounts across sites.
Rob Allen explains passwords leak often and 2FA limits damage from breaches and reused credentials.

ADVICE

Block Browser Extensions And Disable Saved Passwords

Treat browser extensions and saved browser passwords as high-risk and block them in business environments.
ThreatLocker treats extensions like executables and prevents saving passwords in browsers to stop stealers.

INSIGHT

Memorize Passwords For Critical Accounts

For ultra-critical accounts, memorize passwords instead of storing them anywhere to avoid centralized compromise.
Rob Allen's company requires portal and Office 365 passwords to be memorized and never stored in managers.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Are your passwords and 2FA enough to stop a modern cyber attack? In this interview, Rob from ThreatLocker breaks down the dangerous reality of password reuse, SIM swapping, and why traditional SMS MFA is no longer bulletproof. We dive deep into how threat actors use reverse proxies like Evilginx to steal session cookies, allowing them to bypass multi-factor authentication and hijack your accounts without ever needing your password. Discover why relying on legacy VPNs and leaving firewall ports open to the internet massively increases your attack surface, leaving your organization just one brute-force attack away from ransomware. Finally, we explore the mechanics of ThreatLocker’s Zero Trust Network Access and Cloud Access, detailing how denying by default and routing through secure proxies can lock down Microsoft 365 and make your internal network effectively invisible to hackers. // Rob Allen’s SOCIAL // LinkedIn: / threatlockerrob X: https://x.com/threatlockerrob // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:57 - What is 2FA/MFA and why is it important? 02:54 - Reusing passwords 04:38 - Malicious Chrome extensions 05:39 - Average person vs cybersecurity 12:18 - SMS 2FA 13:37 - Authenticator apps 16:26 - Yubikeys 17:58 - No one is "unhackable" 21:52 - "Cookie stealing" explained 22:53 - ThrearLocker's new tool/solution 28:22 - How ThreatLocker protects Office365 29:06 - ThreatLocker protecting organizations 33:11 - Should I trust ThreatLocker? 35:54 - How safe is ThreatLocker? 38:00 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #hacker #hack