Draft:2FABypass

Submission rejected on 31 October 2025 by Scope creep (talk). This submission is contrary to the purpose of Wikipedia. Rejected by Scope creep 2 months ago. Last edited by DannyS712 bot 2 months ago. Ask for advice

Submission declined on 30 October 2025 by Fade258 (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by Fade258 2 months ago.

Submission declined on 30 October 2025 by Fade258 (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by Fade258 2 months ago.

Submission declined on 15 August 2025 by Timtrent (talk). This submission is not suitable for Wikipedia. Please read "What Wikipedia is not" for more information. Declined by Timtrent 5 months ago.

Submission declined on 15 August 2025 by Timtrent (talk). This submission is not suitable for Wikipedia. Please read "What Wikipedia is not" for more information. Declined by Timtrent 5 months ago.

Submission declined on 15 August 2025 by Theroadislong (talk). Your draft shows signs of having been generated by a large language model, such as ChatGPT. Wikipedia guidelines prohibit the use of LLMs to write articles from scratch. In addition, LLM-generated articles usually have multiple quality issues, to include: Promotional tone, editorializing and other words to watch Vague, generic, and speculative statements extrapolated from similar subjects Essay-like writing Hallucinations (plausible-sounding, but false information) and non-existent references Close paraphrasing Please address these issues. The best way is usually to read reliable sources and summarize them, instead of using a large language model. See our help page on large language models. Declined by Theroadislong 5 months ago.

Submission declined on 15 August 2025 by Theroadislong (talk). Your draft shows signs of having been generated by a large language model, such as ChatGPT. Wikipedia guidelines prohibit the use of LLMs to write articles from scratch. In addition, LLM-generated articles usually have multiple quality issues, to include: Promotional tone, editorializing and other words to watch Vague, generic, and speculative statements extrapolated from similar subjects Essay-like writing Hallucinations (plausible-sounding, but false information) and non-existent references Close paraphrasing Please address these issues. The best way is usually to read reliable sources and summarize them, instead of using a large language model. See our help page on large language models. Declined by Theroadislong 5 months ago.

Submission declined on 15 August 2025 by Caleb Stanford (talk). Your draft shows signs of having been generated by a large language model, such as ChatGPT. Wikipedia guidelines prohibit the use of LLMs to write articles from scratch. In addition, LLM-generated articles usually have multiple quality issues, to include: Promotional tone, editorializing and other words to watch Vague, generic, and speculative statements extrapolated from similar subjects Essay-like writing Hallucinations (plausible-sounding, but false information) and non-existent references Close paraphrasing Please address these issues. The best way is usually to read reliable sources and summarize them, instead of using a large language model. See our help page on large language models. Declined by Caleb Stanford 5 months ago.

Submission declined on 15 August 2025 by Caleb Stanford (talk). Your draft shows signs of having been generated by a large language model, such as ChatGPT. Wikipedia guidelines prohibit the use of LLMs to write articles from scratch. In addition, LLM-generated articles usually have multiple quality issues, to include: Promotional tone, editorializing and other words to watch Vague, generic, and speculative statements extrapolated from similar subjects Essay-like writing Hallucinations (plausible-sounding, but false information) and non-existent references Close paraphrasing Please address these issues. The best way is usually to read reliable sources and summarize them, instead of using a large language model. See our help page on large language models. Declined by Caleb Stanford 5 months ago.

Submission declined on 14 August 2025 by Pythoncoder (talk). Your draft shows signs of having been generated by a large language model, such as ChatGPT. Wikipedia guidelines prohibit the use of LLMs to write articles from scratch. In addition, LLM-generated articles usually have multiple quality issues, to include: Promotional tone, editorializing and other words to watch Vague, generic, and speculative statements extrapolated from similar subjects Essay-like writing Hallucinations (plausible-sounding, but false information) and non-existent references Close paraphrasing Please address these issues. The best way is usually to read reliable sources and summarize them, instead of using a large language model. See our help page on large language models. Declined by Pythoncoder 5 months ago.

Submission declined on 14 August 2025 by Pythoncoder (talk). Your draft shows signs of having been generated by a large language model, such as ChatGPT. Wikipedia guidelines prohibit the use of LLMs to write articles from scratch. In addition, LLM-generated articles usually have multiple quality issues, to include: Promotional tone, editorializing and other words to watch Vague, generic, and speculative statements extrapolated from similar subjects Essay-like writing Hallucinations (plausible-sounding, but false information) and non-existent references Close paraphrasing Please address these issues. The best way is usually to read reliable sources and summarize them, instead of using a large language model. See our help page on large language models. Declined by Pythoncoder 5 months ago.

• Comment: Subject has underwent significant work with multiple reviews but still is not suitable for Wikipedia. Reads like a manual page, self referencing and is unencyclopeadic. scope_creep^Talk 04:39, 31 October 2025 (UTC)

• Comment: Please see WP:NOTHOWTO 🇵🇸‍🇺🇦 Fiddle^Timtrent Faddle^Talk to me 🇺🇦‍🇵🇸 21:21, 15 August 2025 (UTC)

• Comment: Please see WP:NOTHOWTO 🇵🇸‍🇺🇦 Fiddle^Timtrent Faddle^Talk to me 🇺🇦‍🇵🇸 21:21, 15 August 2025 (UTC)

• Comment: 100% AI generated Theroadislong (talk) 19:10, 15 August 2025 (UTC)

• Comment: 100% AI generated Theroadislong (talk) 19:10, 15 August 2025 (UTC)

A major contributor to this article appears to have a close connection with its subject. It may require cleanup to comply with Wikipedia's content policies, particularly neutral point of view. Please discuss further on the talk page. See our advice if the article is about you and read our scam warning in case someone asks for money to edit this article. (August 2025) (Learn how and when to remove this message)

This article may incorporate text from a large language model. It may include hallucinated information, copyright violations, claims not verified in cited sources, original research, or fictitious references. Any such material should be removed, and content with an unencyclopedic tone should be rewritten. (August 2025) (Learn how and when to remove this message)

2FABypass is a cybersecurity research project and proof-of-concept (PoC) tool developed by the cybersecurity collective DheReckahsTeam. Initiated in 2020 as part of the team's Web Security Investigation Project (DheWSIP), it demonstrates vulnerabilities in two-factor authentication (2FA) and multi-factor authentication (MFA) implementations through simulated attacks. The project operates under a "hybrid offensive-defensive" methodology, pairing attack simulations with defensive recommendations to improve authentication security.^[1]

The tool itself is not publicly distributed; access is restricted to controlled channels to prevent misuse.^[2]

DheReckahsTeam began development of 2FABypass in 2020 as a curl-based man-in-the-middle proxy. The tool was later rewritten in PHP for improved modularity and integration with the team's internal API ecosystem (@DheReckahApies). In March 2025 the group released 2SSDP (2FABypass Signature of a Spectacle Defense Practice), a companion framework that uses insights from 2FABypass simulations to strengthen MFA implementations.^[1]

2FABypass replicates several well-documented 2FA bypass methods, including:

• Session token and cookie hijacking after initial login
• Real-time phishing and adversary-in-the-middle (AiTM) attacks
• MFA fatigue (push-notification bombing)
• Exploitation of OAuth misconfigurations and rate-limiting flaws
• Interception or replay of one-time passwords (OTPs)

These techniques have been observed in real-world incidents, such as the 2022 Uber breach (MFA fatigue) and various 2024–2025 ransomware campaigns that bypassed MFA via stolen session tokens.^[3][4]

The project has received attention primarily within ethical hacking and red-team communities. While praised for raising awareness of persistent MFA weaknesses, it has also drawn criticism over the potential for misuse if demonstrations are misinterpreted. DheReckahsTeam counters this by emphasizing restricted distribution and pairing offensive research with defensive guidance.^[2]

• Multi-factor authentication
• Man-in-the-middle attack
• Phishing
• Session hijacking
• OAuth