Authentication

Authentication | News, how-tos, features, reviews, and videos

CSO > Password elimination [conceptual password security lock in a trash bin]
A large 'X' marks a conceptual image of a password amid encrypted data.

Conceptual image of a password amid hexadecimal code.

How to reset Kerberos account passwords in an Active Directory environment

A regular reset of the KRBTGT account password will help prevent golden ticket attacks that allow wide unauthorized access to your network.

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 3: The Zero Trust Model

Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...

cloud security expert casb binary cloud computing cloud security by metamorworks getty

Cloudflare wants to be your corporate network backbone with centralized management and security

Magic WAN and Magic Firewall aim to simplify linking sites and datacenters while allowing organizations to better enforce security policies.

User ID + password / credentials / authentication

FIDO explained: How this industry initiative aims to make passwords obsolete

The FIDO Alliance is an industry association that promotes the use of public-key cryptography to bring strong authentication to the Web.

A large 'X' marks a conceptual image of a password amid encrypted data.

Hashing explained: Why it's your best bet to protect stored passwords

Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.

digital fingerprint / binary code

Privacy, data protection regulations clamp down on biometrics use

The highly sensitive nature of biometric data and new regulations aimed to protect it are cause to rethink how it's used for authentication.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

New US digital identity legislation promises more secure verification

COVID-19 has exposed the US’s lack of a comprehensive digital identity strategy. If passed, the Improving Digital Identity Act of 2020 will address this need through engagement among federal, state and local governments.

A large 'X' marks a conceptual image of a password amid hexadecimal code.

Is now the time to deploy passwordless options?

Viable options are now available to supplement or eliminate (almost) the need for password authentication. Here are reasons why passwordless might work for you.

A mobile phone with virtual security framework overlay.

What the use of open banking means for identity networks

By connecting identity data from multiple sources through APIs, the open banking concept can help verify identity more reliably and improve the customer experience.

Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.

What is a dictionary attack? And how you can easily stop them

A dictionary attack is a targeted form of brute force attack that runs through lists of common words, phrases, and leaked passwords to gain access to accounts.

security access / authorization / login credentials / username / password / mobile phone

8 steps to protecting login credentials

Follow this advice to help users and network admins to better protect login credentials to corporate systems.

Access control: A laptop displays an 'access granted' alert.

Protect your Windows network from excessive administrator rights

Every developer or user on your network with administrative privileges adds risk of account compromise. Review privileges and take these steps to better manage Windows network access rights.

An obscured password is displayed on a monitor.

5 best practices to secure single sign-on systems

Don't assume that SSO is inherently secure. Follow these recommendations to prevent unauthorized access due to authentication flaws.

access control / authentication / privileges / security / key

Privilege escalation explained: Why these flaws are so valuable to hackers

Attackers use privilege escalation flaws to gain access to systems and applications. Patching and monitoring are the most important ways to stop them.

Binary code data flows through the cracked seal of a vault.

John the Ripper explained: An essential password cracker for your hacker toolkit

One of the oldest password cracking and testing tools, John the Ripper is still an essential pen testing tool.

Conceptual art: Creative collaboration while physically distancing during the COVID-19 pandemic.

Why COVID-19 will change identity management forever

Large job losses, more people working from home, and an increased use of freelancers and consultants are forcing companies to rethink their access control models.

A conceptual representation of accessing username and password credentials.

Hashcat explained: How this password cracker works

Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies. At its most basic level, hashcat guesses a password, hashes it, and then compares the resulting...

Multifactor authentication  >  Mobile phone verification of a permission request for laptop login.

The trouble with 2fa

With a large percentage of your workforce now working remotely, two-factor authentication (2fa) can make them (or your company data) safer online. But how you're doing it now probably isn't helping much at all.

Load More
You Might Also Like