Authentication

Authentication | News, how-tos, features, reviews, and videos

COVID-19 coronavirus / network of vectors

New coronavirus-era surveillance and biometric systems pose logistical, privacy problems

Governments and companies are using biometrics and geolocation to identify and track potential coronavirus victims in the name of public safety.

abstract face / digital identity

4 key problems with digital identity and why we need a new approach

To more accurately and more safely authenticate people online, digital identity needs to better cope with changes in people's lives. It's time to build identity technology for a digital life.

digital circuit-board key amid binary code / hardware key

Making the case for hardware 2FA in the enterprise

Hardware 2FA tokens are the best and cheapest defense against phishing and credential stuffing attacks, but there are some gotchas.

binary eye circuits

Authentication, identity management start-ups lead 2019 VC investing

Cybersecurity venture investments reached nearly $7 billion in 2019. Authentication and identity management start-ups were the top lures.

login credential - user name, password - administrative controls - access control - single sign-on

Do you trust your admins? 5 tips to manage administrator access

The access rights that internal and external network admins possess carry the potential for abuse and errors that can expose systems and data. These practices can help avoid that.

A business man touches a futuristic lock + circuit board security interface.

5 standout products from RSA 2020

2020 will be remembered as the year the human element finally came to security.

facial recognition - biometric security identification

3 reasons you can’t fight facial recognition

The biometric backlash is but a brief blip. Resistance is futile. You WILL be identified. But is that good or bad?

digital identity / authentication

What's ahead for digital identity in 2020?

Events of the past year have set up big changes for digital identity in 2020. Here's recap of what happened and what to expect this year.

Windows logo / life preserver / rescue / recovery / fix / resolve / solution

How to fix insecure LDAP binds to prevent exposed Windows admin credentials

Although Microsoft has a permanent fix on the way, it's possible that you're exposing domain admin account credentials in cleartext. Here's how to check for and solve that problem.

access control / authentication / privileges / security

Two tips to make multifactor authentication for Office 365 more effective

Here's how to set up "break glass" accounts for emergency admin access to Microsoft Office 365 and brand your Office 365 log-in page to foil fake pages.

Digitizing stylus input via tablet  >  writing / drawing / signatures

NHTSA odometer disclosure rule might pave way for e-signature authentication

The Final Rule allows flexibility in the technology they use to digitally verify identity through electronic signatures, including a pen pad or biometrics.

Virgin Hyperloop One X-1 pod

How Virgin Hyperloop One protects its most precious data

VHO's high profile means its intellectual property is coveted by competitors, nation-states and curious hackers. Tightly controlled access is the key to protecting that data.

silver platter passwords exposed authentication hacked vulnerable security breach

4 authentication use cases: Which protocol to use?

Choosing the wrong authentication protocol could undermine security and limit future expansion. These are the recommended protocols for common use cases.

access management / access control / user connections / identities

Flex streamlines app access for 20k suppliers with IAM overhaul

Contract manufacturer Flex dumped its distributed identity and access management system for a more centralized, cloud-based option that better protects data and intellectual property.

Many keys, one lock  >  Brute-force credential stuffing.

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

A businessman interacts with a Microsoft-colored shield protecting network users + user groups.

How to audit permissions after a Windows migration

As companies move off Windows 7 and Server 2008, they run the risk of leaving dangerous access permissions behind. Here's how to find them.

security policy primary

How to create an effective security policy (and 4 templates to get you started)

Download our ebook that features templates for security policies on passwords, acceptable use, email, access control, BYOD and incident response.

A binary mask.

Deepfakes and synthetic identity: More reasons to worry about identity theft

How can we maintain control over digital identity In a world where it is being blurred and abused by fraudsters?

Admission tickets in an digital network / access / admittance / authorization / authentication

What is OAuth? How the open authorization framework works

OAuth is an open-standard authorization protocol or framework that describes how unrelated servers and services can safely allow authenticated access to their assets. It is widely accepted, but be aware of its vulnerabilities.

Credential theft  > A thief steals a password.

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.

Load More