Web Authentication and Access Control News
October 30, 2015
Google demands Certificate Transparency for all Symantec-issued certificates in wake of last month's escalating disclosures about fake "testing" certificates.
September 16, 2015
A new report details how attackers can fly under the radar by using stolen credentials in order to avoid breach detection and forgoing the use of malware in malicious activity.
June 11, 2015
Agencies from U.S. and U.K. governments now support the FIDO Alliance and its open standards for passwordless authentication.
March 25, 2015
Google, Microsoft, and Mozilla have revoked unauthorized TLS certificates issued by an intermediate certificate authority that could have been used in man-in-the-middle attacks.
Web Authentication and Access Control Get Started
Bring yourself up to speed with our introductory content
Single sign-on is a session and user authentication process in which a user can access multiple applications with one name and password. Continue Reading
A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid ... Continue Reading
Biometric authentication has quickly evolved to include behavioral identifiers. Expert Michael Cobb explores the benefits of behavioral biometric technology for enterprises. Continue Reading
Evaluate Web Authentication and Access Control Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Using passwords to authenticate users has a long and troubled past. Expert Rob Shapland explains how open standards such as FIDO, SAML and OpenID can help solve the woes surrounding user authentication in the cloud. Continue Reading
Learn about the new and improved security features in the upcoming Microsoft Edge browser, including on-by-default sandboxes, Passport and HTML5. Continue Reading
Cloud credentials can create major vulnerabilities. Expert Dan Sullivan outlines how to detect compromised credentials and the best ways to prevent it. Continue Reading
Manage Web Authentication and Access Control
Learn to apply best practices and optimize your operations.
The password is not dead yet: Most enterprise personnel use a password to log into a site or a device every day. This three-part technical guide looks at how passwords can be better employed, while they are still around.
The opening chapter ... Continue Reading
News of the death of the password system is premature, despite the security vulnerabilities of this authentication method. Learn how to create a safe password system. Continue Reading
Too many privileged accounts can result in access abuse in enterprises. Expert Mike O. Villegas discusses which account privileges should be limited to reduce security incidents. Continue Reading
Problem Solve Web Authentication and Access Control Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Mandatory access control and application sandboxing both offer layers of security through controlling access to system resources. Expert Michael Cobb explains what sets each apart. Continue Reading
Doling out too many admin privileges can lead enterprises astray when it comes to privileged identity management, but there are ways they can take back control. Continue Reading
While using the cloud for identity and access management can simplify the task, it is critical to consider a number of factors when implementing cloud IAM products and services. Expert Dave Shackleford explains. Continue Reading