Password authentication News
June 08, 2017
IoT cameras could be fully compromised due to multiple vulnerabilities, including hardcoded passwords that can be used regardless of user settings.
May 13, 2017
The involvement of GCHQ in the NHS ransomware incidence marks a turning point in the first against cybercrime
February 10, 2017
News roundup: F5 virtual server flaw, dubbed Ticketbleed, is similar to Heartbleed. Plus, DHS is considering requiring social media passwords on visa applications, and more.
February 01, 2017
Thanks to a polarizing election, the potential ramifications of cybersecurity attacks are front and center. Your friends and relatives probably have some concept of what it is that you actually do and its importance. But the daily challenges of protecting most enterprise environments is less like The Americans than they might think. Still, it's exciting. In this issue of Information Security magazine, we look at the incoming threats in 2017 and some countermeasures that can help your organization bolster its defenses.
Last year, we saw the internet of things used as a beachhead in larger cybersecurity attacks. Many devices now use cloud-based systems to communicate. They regularly send status updates to the cloud server and retrieve new commands to execute. Weak and incorrectly implemented authentication between device and cloud is often the point of failure that can be exploited to either attack the cloud infrastructure or the device. So far, destructive attacks are not common and are mostly limited to distributed denial-of-service attacks, which do not cause permanent damage. But future attacks, if they are combined with ransom demands, may destroy devices intentionally.
Breaches of cloud storage that modify data instead of just "stealing" it and vulnerabilities in microservices environments are other areas in which attackers may get more leverage. With the emergence of cloud-based microservices, this problem will only become worse. Instead of including a library in software shipped to clients, the software now relies on cloud-based web services to perform certain functions. We look at what is coming next and ways to mitigate these cybersecurity attacks.
Password authentication Get Started
Bring yourself up to speed with our introductory content
Biometrics and behavioral analysis is taking hold as security pros search for authentication tools to thwart increasingly aggressive and innovative hacking attacks. Continue Reading
Biometric authentication methods, like voice, fingerprint and facial recognition systems, may be the best replacement for passwords in user identity and access management. Continue Reading
The old username/password combination is not the safest form of ID management. See why two-factor authentication belongs in IT's mobile security arsenal and learn how to set it up. Continue Reading
Evaluate Password authentication Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Jason Hong talks about Carnegie Mellon's work in social cybersecurity, a new discipline that uses techniques from social psychology to improve our ability to be secure online. Continue Reading
The Microsoft Authenticator application enables smartphone-based, two-factor authentication and attempts to reduce the use of passwords. Expert Matthew Pascucci explains how. Continue Reading
Facebook's Delegated Recovery aims to replace knowledge-based authentication with third-party account verification. Expert Michael Cobb explains how this protocol works. Continue Reading
Manage Password authentication
Learn to apply best practices and optimize your operations.
AWS recommends multi-factor authentication as a best practice for accounts that access administrative services. Here are some ways to apply MFA and prevent cloud access breaches. Continue Reading
Using the same local admin password is convenient, but risky. It gives attackers limitless access across the machines on the domain. Microsoft has a tool to boost login security. Continue Reading
Yahoo reportedly rejected a forced password reset after numerous data breaches compromised user data. Expert Mike O. Villegas discusses whether this should be a standard practice. Continue Reading
Problem Solve Password authentication Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Cached credentials make users' lives easier, but they can be a security issue in Windows if a device falls into the wrong hands. IT can manage them on a large scale with PowerShell. Continue Reading
A DocuSign phishing email with a link to a malicious Word document recently targeted the company's users. Expert Judith Myerson outlines six ways to avoid this type of attack. Continue Reading
A Google Chrome flaw enables attackers to automatically download Windows credentials to their SMB sever. Expert Judith Myerson explains how that works. Continue Reading