Identity Management

Identity Management news, information, and how-to advice

the interview movie
orange fingerprint

gmail hijack

Forgotten subdomains boost risk of account hijacking, other attacks

Some sites have subdomains pointed at old domains that have long expired and can be registered by attackers

What you should consider when choosing a password manager

Password managers offer many convenient options, but some come at the expense of security

Dump your passwords! 8 security and identity breakthroughs

From electronic pills to digital tattoos, these eight innovations aim to secure systems and identities without us having to remember a password ever again

identity concept 164551610

New Brunswick conquers identity management with virtual directory

What started as a single provincial department's effort to roll out a virtual directory now helps government employees and citizens access about 150 applications. Find out how New Brunswick solved what could have otherwise been a big...

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

Hackers launch Apple ID phishing campaign playing on iCloud security worries

Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

27 million South Koreans affected by data breach

South Korean authorities have revealed details surrounding massive data breach that impacts 27 million people aged 15-65. Moreover, local media is reporting that 16 people involved with the scheme were arrested, and that the full...

wipeout
In Depth

Why your online identity can never really be erased

A ruling by a European Court may make it more difficult to find certain information that people claim is 'inadequate ... irrelevant ... or excessive,' but that doesn't mean it will disappear. Some critics, who call the ruling...

Is “Bring Your Own Identity” a security risk or advantage?

Questions abound over websites authenticating users via identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo Ponemon Institute survey shows.

Why the Microsoft Active Directory design flaw isn't serious

Experts are skeptical of the seriousness of a reported design flaw in Microsoft Active Directory, which is used by many enterprises to control employee access to the corporate network.

Why password managers are not as secure as you think

University researchers have raised concerns about the security of web-based password managers that free people from the burden of having to remember website credentials.

How to set up two-factor authentication for iCloud

Apple is reportedly implementing two-factor authentication for some new iCloud services. If you haven't set up that security system already, here's how to do so.

pay pal sign

PayPal error shows how NOT to use two-factor authentication

A PayPal error made it possible to bypass two-factor authentication on a user account, demonstrating what can go wrong in deploying a tricky security mechanism.

binary hard drive

Code Spaces forced to close its doors after security incident

Code Spaces, a SVN and Git hosting provider, used by organizations for project management and development needs, has folded after an attacker compromised their internal systems.

Let's say goodbye to passwords

Over the last few years I’ve been conducting unofficial surveys of security analysts and security executives I meet in the field. My goal is always to determine what security solutions have been most detrimental to actually achieving...

Security pros and cons of Apple's latest operating systems

Apple's march toward seamless integration between the Mac, iPhone and iPad worries some security experts who say companies may find it more difficult to prevent data leakage on the devices.

serverskulls header

Vendor error forces Lowe's to issue breach notification letters

In a letter to both current and former employees, Lowe’s says that personal information might have been compromised after a third-party vendor exposed it to the public.

Load More