Authentication

Authentication | News, how-tos, features, reviews, and videos

A businessman interacts with a Microsoft-colored shield protecting network users + user groups.
A binary mask.

Admission tickets in an digital network / access / admittance / authorization / authentication

What is OAuth? How the open authorization framework works

OAuth is an open-standard authorization protocol or framework that describes how unrelated servers and services can safely allow authenticated access to their assets. It is widely accepted, but be aware of its vulnerabilities.

Credential theft  > A thief steals a password.

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

2fa explained: How to enable it and how it works

Two-factor authentication (2fa) is a method of establishing access to an online account or computer system that requires the user to provide two different types of information. It can boost security for anyone using any kind of online...

'NO' symbol [circle-backslash] and raised hand against a background of passwords / passcodes

How to disable legacy authentication in Microsoft Exchange to enable MFA

Microsoft recommends enabling multi-factor authentication for Office 365. To do so, you must also disable basic or legacy authentication on Microsoft Exchange Server.

black hat / hacker / spotlight / binary overlay

4 takeaways from Black Hat 2019

Experts identified new trends and warned of emerging or growing threats, including security's impact on software development and the growing threat social media poses.

access control / authentication / privileges / managing permissions

What is access control? A key component of data security

Access control is a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data. It is a vital aspect of data security, but it has some significant enforcement challenges.

CSO  >  Digital identity  >  personal identity / recognition + access authentication / personal data

Taxpayer First Act: Improving identity verification and modernizing the IRS

With citizens' PII at risk, some federal agencies like the IRS are moving away from knowledge-based verification. It's time for them all to follow suit.

Identity access management  >  abstract network connections and circuits reflected in eye

How to check Privileged Identity management settings for Office 365

Microsoft Azure Privileged Identity Management (PIM) allows you to set administrative rights for roles on an as-needed basis, reducing risk.

Targeting user behavior.

How to set up Microsoft Azure AD Identity Protection to spot risky users

Whichever license of Azure Active Directory you own, you have options to set up alerts and automate actions to risky user behavior.

digital fingerprint / binary code

Companies with zero-trust network security move toward biometric authentication

According to new research, more companies are enabling biometric authentication on devices to verify access requests.

CSO  >  Digital identity  >  personal identity / recognition + access authentication / personal data

Is the digital identity layer missing or just misplaced?

The orchestration of existing services and data could provide a digital identity layer that gives the internet a common way to handle identity for all consumers.

office 365 disable single authentication password by rayalhristova betty

How to disable basic authentication in Microsoft Office 365

If you've implemented multi-factor authentication, you should disable the default basic authentication to make sure attackers can't exploit it.

CSO > Password elimination [conceptual password security lock in a trash bin]

How First Citrus Bank got rid of employee passwords

The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.

file sharing / data sync / shared records / eliminating redundancy of multiple identities

Can the re-use of identity data be a silver bullet for industry?

The ability to re-use identity data for individuals across different systems would greatly simplify authentication. Here's what it would take to make it happen.

6 gotta know ipassword tips reveal password with large type 6

What should your company’s change password policy be?

Microsoft's recent dropping of its maximum password age default renews the debate over forced password changes. Here's why you should continue to expire passwords.

Hands write on paper with pen.

FINRA Rule 4512: U.S. SEC approves electronic signatures

The updated FINRA Rule 4512(a)(3) is now in effect, striking a blow against outdated regulations.

2fa sms

Why unauthenticated SMS is a security risk

Multifactor authentication that uses SMS messaging as a second factor is vulnerable to simple hacks. User education is the best defense.

06 permission

Check your access control permissions before hackers do

Every organization has devices, networks or cloud services with improperly configured permissions that expose sensitive data or could allow hackers to gain privileged access. Check them now.

Load More
You Might Also Like