Two Factor and Multifactor Authentication Strategies
- April 10, 2018
W3C and the FIDO Alliance have given websites a new tool for doing FIDO-compliant authentication, as the WebAuthn authentication protocol is promoted to W3C Candidate Recommendation.
- February 23, 2018
Facebook came under fire after a two-factor authentication bug sent non-security notifications to users' phones, sparking a debate about media coverage and 2FA adoption.
- October 20, 2017
Google's Advanced Protection Program greatly increases the security of user accounts, but the usability tradeoffs may not be worth it for average users.
- June 21, 2017
At the 2017 Cloud Identity Summit, Ping Identity launched a new software development kit that will embed multifactor authentication security features in mobile apps.
- May 05, 2017
News roundup: Attackers exploit SS7 vulnerability and drain bank accounts. Plus, Trump signs government IT executive order, an Intel AMT flaw threatens millions and more.
- April 07, 2017
CA Strong Authentication brings inexpensive multi- and two-factor authentication to businesses looking to protect mobile applications and devices and to prevent identity theft.
- February 16, 2017
Yubico founder and CEO Stina Ehrensvard spoke with SearchSecurity at RSAC 2017 about FIDO authentication and how Google uses it to secure logins and cut costs.
- February 03, 2017
News roundup: Google updates G Suite with stronger authentication. Plus, WordPress secretly patches vulnerabilities, malware is likely to infect entire OSes, and more.
- January 17, 2017
Researchers saw a Gmail phishing campaign in the wild using clever tricks to access accounts including a difficult 2FA bypass only possible in real time.
- September 29, 2016
Citing a long list of transgressions, Mozilla prepares to sanction Chinese certificate authority WoSign by removing it from its list of trusted certificate issuers.
- July 26, 2016
America's National Institute for Standards and Technology is advising the deprecation of using SMS-based two-factor authentication in order to improve security.
- May 26, 2016
Microsoft speeds deprecation of SHA-1, Google dropping support for RC4, SSLv3, as web software publishers approach end of life for obsolete cryptographic algorithms and protocols.
- December 23, 2015
Increasing desire to be rid of SHA-1-signed certificates causes Google to join Microsoft, Mozilla in a likely acceleration of Chrome SHA-1 deprecation by six months.
- August 14, 2015
Dropbox announced it is strengthening login options with support for universal 2nd factor (U2F) security keys with the aim of making two-step verification faster and easier.
- August 04, 2015
Identity and access management deployments are notoriously complex. And things are getting worse as legacy technology meets next-generation applications. As the traditional network perimeter continues to disappear, robust IAM becomes more important ...