During the past week voices from across the industry have been commenting and predicting on the Heartbleed flaw. So to avoid speculation with regard to SMS PASSCODE, we should like to be clear. SMS PASSCODE is not affected by the Heartbleed flaw – Neither the product nor the company.
In fact the Heartbleed flaw emphasizes the need for session specific Multi-Factor Authentication. The vulnerability enables a hacker to obtain random data portions from a web server’s memory, which dramatically increases the risk for successful phishing attacks. With SMS PASSCODE in place however, even if a hacker manages to lift user credentials of a server’s memory, his chance of gaining access to the company network is infinitely slim.
So with due respect to the devastating impact of the flaw the answer to the question is: Yes, SMS PASSCODE could definitely protect end-users from the Heartbleed flaw.