Authentication
Authentication | News, how-tos, features, reviews, and videos
8 top multifactor authentication products and how to choose an MFA solution
Learn the key considerations when choosing an MFA solution and why these top picks are worth a look.
6 zero trust myths and misconceptions
If you’ve fallen for one of these myths, you may need to rethink your zero trust strategy.
SAML explained: How this open standard enables single sign on
Security Assertion Markup Language (SAML) is a standard that defines how providers can offer both authentication and authorization services. Here's what you need to know.
Consumers are done with passwords, ready for more innovative authentication
Surveys indicate that consumers are becoming more open to biometrics and multi-factor authentication.
Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots
The automated bots are highly successful because they effectively emulate legitimate service providers.
NTLM relay attacks explained, and why PetitPotam is the most dangerous
Attackers can intercept legitimate Active Directory authentication requests to gain access to systems. A PetitPotam attack could allow takeover of entire Windows domains.
How to find the right testing tool for Okta, Auth0, and other SSO solutions
Implementing a single sign-on solution can be complicated, especially if you have apps that are not in the SSO vendor's catalog. These tools can simplify the process.
IoT devices have serious security deficiencies due to bad random number generation
It's not the IoT vendors' fault. Lack of a cryptographically secure pseudo-random number generator subsystem for the internet of things devices will be vulnerable.
Rainbow tables explained: How they work and why they're (mostly) obsolete
Rainbow tables are password cracking tools with origins dating back to research from the early 1980s. Here's how they work, why attacks are easy to prevent, and how they compare to modern password cracking.
How to test the impact of new Windows DCOM Server authentication
Microsoft has hardened authentication for its DCOM Server in response to a vulnerability. Check for the impact on your network now before the change becomes permanent.
4 tips to prevent easy attacker access to Windows networks
The Colonial Pipeline attackers likely got in using old, compromised VPN credentials. This advice will force attackers to work much harder.
Report: Active Directory Certificate Services a big security blindspot on enterprise networks
Microsoft's Active Directory PKI component commonly have configuration mistakes that allow attackers to gain account and domain-level privileges.
6 minimum security practices to implement before working on best practices
Every Windows network admin can improve their security posture by focusing on these six basic areas.
How to hack 2FA: 5 attack methods explained
As two-factor authentication becomes more widespread, criminals seek novel ways to subvert it. Here's what you need to know.
17 cyber insurance application questions you'll need to answer
Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.
Credential stuffing explained: How to prevent, detect, and defend against it
Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts.
How to prepare for the demise of Windows NT LAN Manager
NTLM is a less secure protocol for authenticating Windows network access. Follow these steps to begin migration off it or to limit its use.
video
