Authentication
Authentication | News, how-tos, features, reviews, and videos
Privacy, data protection regulations clamp down on biometrics use
The highly sensitive nature of biometric data and new regulations aimed to protect it are cause to rethink how it's used for authentication.
New US digital identity legislation promises more secure verification
COVID-19 has exposed the US’s lack of a comprehensive digital identity strategy. If passed, the Improving Digital Identity Act of 2020 will address this need through engagement among federal, state and local governments.
Is now the time to deploy passwordless options?
Viable options are now available to supplement or eliminate (almost) the need for password authentication. Here are reasons why passwordless might work for you.
What the use of open banking means for identity networks
By connecting identity data from multiple sources through APIs, the open banking concept can help verify identity more reliably and improve the customer experience.
What is a dictionary attack? And how you can easily stop them
A dictionary attack is a targeted form of brute force attack that runs through lists of common words, phrases, and leaked passwords to gain access to accounts.
8 steps to protecting login credentials
Follow this advice to help users and network admins to better protect login credentials to corporate systems.
Protect your Windows network from excessive administrator rights
Every developer or user on your network with administrative privileges adds risk of account compromise. Review privileges and take these steps to better manage Windows network access rights.
5 best practices to secure single sign-on systems
Don't assume that SSO is inherently secure. Follow these recommendations to prevent unauthorized access due to authentication flaws.
Privilege escalation explained: Why these flaws are so valuable to hackers
Attackers use privilege escalation flaws to gain access to systems and applications. Patching and monitoring are the most important ways to stop them.
John the Ripper explained: An essential password cracker for your hacker toolkit
One of the oldest password cracking and testing tools, John the Ripper is still an essential pen testing tool.
Why COVID-19 will change identity management forever
Large job losses, more people working from home, and an increased use of freelancers and consultants are forcing companies to rethink their access control models.
Hashcat explained: How this password cracker works
Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies. At its most basic level, hashcat guesses a password, hashes it, and then compares the resulting...
The trouble with 2fa
With a large percentage of your workforce now working remotely, two-factor authentication (2fa) can make them (or your company data) safer online. But how you're doing it now probably isn't helping much at all.
New coronavirus-era surveillance and biometric systems pose logistical, privacy problems
Governments and companies are using biometrics and geolocation to identify and track potential coronavirus victims in the name of public safety.
4 key problems with digital identity and why we need a new approach
To more accurately and more safely authenticate people online, digital identity needs to better cope with changes in people's lives. It's time to build identity technology for a digital life.
Making the case for hardware 2FA in the enterprise
Hardware 2FA tokens are the best and cheapest defense against phishing and credential stuffing attacks, but there are some gotchas.
Authentication, identity management start-ups lead 2019 VC investing
Cybersecurity venture investments reached nearly $7 billion in 2019. Authentication and identity management start-ups were the top lures.
