Attackers Turn Password Recovery into Backdoor backdoor into a business e-mail account. The CEO of CloudFlare, a website protection company, had used a complex and unique password as well as two-factor authentication to lock down access to his account. Attackers social-engineered his mobile phone provider (AT&T) and exploited Google’s process for resetting passwords over the phone. They then leveraged that to recover the credentials for the company’s system.Employees and their browsers might be the weak link in your security plan.”]