Two-factor and multifactor authentication strategies

User names and passwords are no longer enough and more enterprises are deploying two-factor or multifactor authentication products. Browse the articles and advice in this section for the latest information on using strong authentication in your organization.

Top Stories

News 14 Apr 2021
Engineering firm mitigates ransomware attack with Nasuni

Ransomware got in through an exploit in an older version of SQL Server, but Dennis Group used Nasuni to restore its systems back to a pre-attack state with minimal data loss. Continue Reading
By
- Johnny Yu
Tip 08 Feb 2021
7 privileged access management best practices

Privileged access is a given in enterprise environments, but it presents many security issues if breached. Follow these seven PAM best practices to mitigate risk. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec

Definition 24 Mar 2023
three-factor authentication (3FA)

Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Definition 20 Mar 2023
FIDO (Fast Identity Online)

FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication. Continue Reading
By
- David Strom
Definition 07 Feb 2023
tokenization

Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Continue Reading
By
- Ben Lutkevich, Site Editor
Definition 20 Apr 2022
WLAN Authentication and Privacy Infrastructure (WAPI)

WLAN Authentication and Privacy Infrastructure (WAPI) is a wireless local area network security standard officially supported by the Chinese government. Continue Reading
By
- Rahul Awati
Definition 07 Apr 2022
Open System Authentication (OSA)

Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Continue Reading
By
- Paul Kirvan
Definition 06 Apr 2022
AAA server (authentication, authorization and accounting)

An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization and accounting (AAA) services. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 31 Mar 2022
authentication server

An authentication server is an application that facilitates the authentication of an entity that attempts to access a network. Continue Reading
By
- Katie Terrell Hanna
Definition 25 Feb 2022
Shared Key Authentication (SKA)

Shared Key Authentication (SKA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Continue Reading
By
- Andrew Zola
Definition 11 Feb 2022
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol based on the U.S. federal government's Advanced Encryption Standard (AES) algorithm and uses the Counter Mode with CBC-MAC (CCM) mode of operation. Continue Reading
By
- Rahul Awati
Definition 29 Dec 2021
smart card

A smart card is a physical card that has an embedded integrated chip that acts as a security token. Continue Reading
By
- Ben Lutkevich, Site Editor
- Linda Rosencrance
- Michael Cobb
Definition 10 Dec 2021
virtual local area network hopping (VLAN hopping)

Virtual local area network hopping (VLAN hopping) is a method of attacking the network resources of a VLAN by sending packets to a port not usually accessible from an end system. Continue Reading
By
- Andrew Zola
Definition 30 Sep 2021
RADIUS (Remote Authentication Dial-In User Service)

RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Definition 29 Sep 2021
CHAP (Challenge-Handshake Authentication Protocol)

CHAP (Challenge-Handshake Authentication Protocol) is a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Definition 21 Sep 2021
key fob

A key fob is a small, programmable device that provides access to a physical object. Continue Reading
By
- Rahul Awati
- Diana Hwang
Definition 15 Sep 2021
Kerberos

Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
Definition 31 Aug 2021
federated identity management (FIM)

Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks. Continue Reading
By
- Rahul Awati
- Linda Rosencrance
Definition 20 Aug 2021
nonrepudiation

Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information. Continue Reading
By
- Rahul Awati
Definition 05 Aug 2021
cyberstalking

Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum. Continue Reading
By
- Rahul Awati
Definition 07 Jun 2021
meet-in-the-middle attack

Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key. Continue Reading
By
- TechTarget Contributor
Definition 13 May 2021
block cipher

A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm. Continue Reading
By
- TechTarget Contributor
Definition 11 May 2021
Extensible Authentication Protocol (EAP)

The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet. Continue Reading
By
- Eva Webster
- TechTarget Contributor
Definition 15 Apr 2021
user authentication

User authentication verifies the identity of a user attempting to gain access to a network or computing resource by authorizing a human-to-machine transfer of credentials during interactions on a network to confirm a user's authenticity. Continue Reading
By
- TechTarget Contributor
News 14 Apr 2021
Engineering firm mitigates ransomware attack with Nasuni

Ransomware got in through an exploit in an older version of SQL Server, but Dennis Group used Nasuni to restore its systems back to a pre-attack state with minimal data loss. Continue Reading
By
- Johnny Yu
Tip 08 Feb 2021
7 privileged access management best practices

Privileged access is a given in enterprise environments, but it presents many security issues if breached. Follow these seven PAM best practices to mitigate risk. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Tip 14 Jan 2021
Select a customer IAM architecture to boost business, security

Not all customer IAM platforms are created equal. Will a security-focused or marketing-focused CIAM architecture best meet your organization's needs? Read on for help deciding. Continue Reading
By
- Mike Chapple, University of Notre Dame
Opinion 02 Nov 2020
Cybersecurity for remote workers: Lessons from the front

Tackle the security challenges COVID-19 wrought by using this playbook from an experienced disaster-zone responder. Continue Reading
By
- Rich Mogull, Securosis
Quiz 05 Oct 2020
Quiz: Network security authentication methods

There are many methods available to authenticate users requesting access to an organization's systems. Test your knowledge with this quiz on authentication in network security. Continue Reading
By
- Katie Donegan, Social Media Manager
News 18 Aug 2020
Asigra Cloud Backup piles on extra layers of cyberdefense

As cybercriminals circumvent immutable backup by stealing admin credentials, Asigra 14.2 counters with Deep MFA, asking for permission whenever changes to backup policies are made. Continue Reading
By
- Johnny Yu
Tip 31 Jul 2020
6 persistent enterprise authentication security issues

Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading
By
- Katie Donegan and Paul Strassmann
Tip 10 Jun 2020
How security teams can prevent island-hopping cyberattacks

Learn how to prevent island-hopping cyberattacks to keep hackers from gaining the confidence of a phishing victim who could then accidentally commit corporate financial fraud. Continue Reading
By
- Nick Cavalancia, Techvangelism
Feature 27 May 2020
Top 3 advantages of smart cards -- and potential disadvantages

As smart card adoption increases, it is prudent to take a closer look at how this technology can improve data security. Here, read more about the benefits of smart cards. Continue Reading
By
- Katie Donegan, Social Media Manager
- Joel Snyder, Opus One
Tip 05 May 2020
Identifying common Microsoft 365 security misconfigurations

Microsoft 365 security problems can double the time it takes to contain a breach, according to a new survey. Check out best practices and operational strategies to fix them. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Podcast 01 May 2020
Risk & Repeat: RDP security under fire amid COVID-19

This week's Risk & Repeat podcast looks at how Microsoft's Remote Desktop Protocol, already a popular vector with hackers, has received even more attention during the pandemic. Continue Reading
By
- Rob Wright, Senior News Director
Opinion 25 Mar 2020
How zero-trust authentication and architecture have evolved

Zero-trust architecture has spread across the enterprise security software market, so IT pros should understand the latest advancements in zero-trust authentication. Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 26 Feb 2020
Stop business email compromise with three key approaches

Why is BEC such a popular attack? Because it works, unfortunately, tempting hackers with huge potential payouts. Learn how to keep them from lining their pockets with your assets. Continue Reading
By
- Nick Cavalancia, Techvangelism
News 18 Feb 2020
Dell sells RSA Security to private equity firm for $2 billion

With RSA Conference just around the corner, Dell announced it has agreed to sell RSA to private equity firm Symphony Technology Group for approximately $2 billion. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Oct 2019
Twitter 2FA data 'inadvertently' used for advertising

Twitter used two-factor authentication information, including email addresses and phone numbers, to target ads for an unknown number of people over an unknown period of time. Continue Reading
By
- Michael Heller, TechTarget
Tip 09 Oct 2019
Top Office 365 MFA considerations for administrators

A complex password only goes so far to stop a breach. Implementing multifactor authorization can help, but make sure the product you select fits your current and future needs. Continue Reading
By
- Reda Chouffani, Biz Technology Solutions
Opinion 17 Sep 2019
A look at ID proofing: bootstrapping a digital ID using a mobile device and physical ID

For the moment, it’s more for B2C than for employees, but it’s poised to keep spreading. Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 17 Jul 2019
The benefits of IAM can far outweigh the costs

Identity and access management is a critical piece of enterprise information security. But the benefits of IAM go beyond illuminating who -- and what -- might be using your network. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
News 01 Jul 2019
IAM market evolves, but at a cost

At a recent security and identity conference, attendees discussed the IAM market in clear terms: Shiny new features might be cool, but practicality reigns. Continue Reading
By
- Jesse Scardina, News Writer
Feature 27 Jun 2019
Words to go: Identity and access management security

IT pros must keep up to date with rapidly changing identity technology and access threats. Help protect IAM security by getting familiar with this list of foundation terms. Continue Reading
By
- Katie Donegan, Social Media Manager
News 17 Jun 2019
YubiKey FIPS recalled from government for reduced randomness

Yubico recalled YubiKey FIPS series devices after discovering an issue leading to reduced randomness in values generated by the keys, which are used by federal agencies. Continue Reading
By
- Michael Heller, TechTarget
Answer 31 May 2019
Why are fewer companies using SMS 2FA for authentication?

Instead of SMS two-factor authentication, some companies are switching to 2FA through messaging apps and social media platforms. Learn what's behind this authentication trend. Continue Reading
By
- Tsahi Levent-Levi, BlogGeek.me
News 17 May 2019
How Google turned 1.5 billion Android phones into 2FA keys

Google product manager Christiaan Brand discusses the journey to making 1.5 billion Android devices work as 2FA security keys and the plan for the future. Continue Reading
By
- Michael Heller, TechTarget
Answer 17 May 2019
How can biometric authentication improve mobile security?

A strong mobile authentication strategy should include a biometric factor, and IT should consider implementing such a factor into a multifactor authentication process. Continue Reading
By
- Robert Sheldon
Feature 06 May 2019
5 common authentication factors to know

Multifactor authentication is a security system that requires two or more authentication steps to verify the user's identity. Discover the most important terms related to MFA. Continue Reading
By
- Katie Donegan, Social Media Manager
Tip 05 Apr 2019
Benefits of mobile passwordless authentication

With an authentication method for mobile devices that goes beyond password and username credentials, IT can prevent social engineering attacks, while maintaining device usability. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
News 08 Feb 2019
Defense Department eyes behavioral biometrics with new contract

The Department of Defense awards a $2.4 million contract to Twosense.AI in order to create a behavioral biometrics system that can replace the current ID card system. Continue Reading
By
- Michael Heller, TechTarget
News 07 Feb 2019
Gartner: Expanding SOC capabilities a priority for enterprises

Reinvesting in SOCs and crafting clear risk appetite statements made the list of Gartner's top security and risk management trends. Experts sound off on what's driving these trends. Continue Reading
By
- Mekhala Roy
News 06 Feb 2019
Google's Mark Risher discusses 2FA adoption strategies

Although some types of two-factor authentication have been found to be vulnerable, Google's Mark Risher says 2FA adoption should be the baseline of security for all enterprises. Continue Reading
By
- Michael Heller, TechTarget
Feature 23 Jan 2019
Three examples of multifactor authentication use cases

When evaluating the business case for multifactor authentication, an organization must first identify how these three operational scenarios apply to a potential implementation. Continue Reading
By
- David Strom
Feature 23 Jan 2019
Purchasing multifactor authentication tools: What to consider

Find out what you need to know before investing in a multifactor authentication tool, including the drawbacks and the benefits. Continue Reading
By
- David Strom
Tip 11 Jan 2019
CIAM vs. IAM: The key differences 'customer' makes

Find out everything you need to know about the nuances that differentiate customer IAM from traditional IAM so that you can implement the CIAM system at your organization. Continue Reading
By
- Ed Moyle, Drake Software
Tip 26 Dec 2018
Set up vCenter two-factor authentication

How do you set up two-factor authentication with VMware vCenter? Expert Stuart Burns explains how to configure 2FA and includes implementation and troubleshooting advice. Continue Reading
By
- Stuart Burns
Answer 05 Nov 2018
How can U2F authentication end phishing attacks?

By requiring employees to use U2F authentication and physical security keys, Google eliminated phishing attacks. Learn how the combination works from expert Michael Cobb. Continue Reading
By
- Michael Cobb
Tip 30 Oct 2018
Enterprises should reconsider SMS-based 2FA use after breach

A Reddit breach was triggered by threat actors intercepting SMS messages used to authenticate employees to access sensitive data. Learn why enterprises should reconsider SMS for 2FA. Continue Reading
By
- Nick Lewis
News 09 Oct 2018
U.S. government domain officials to start using 2FA

The government domain registrar -- DotGov -- began rolling out two-factor authentication for officials managing .gov domains in order to mitigate against DNS hijacking. Continue Reading
By
- Michael Heller, TechTarget
Podcast 08 Oct 2018
Risk & Repeat: Inside the Facebook 2FA fail

This week's Risk & Repeat podcast discusses the latest controversy for Facebook, which has been using two-factor authentication numbers for advertising purposes. Continue Reading
By
- Rob Wright, Senior News Director
Feature 24 Aug 2018
Weighing privileged identity management tools' pros and cons

Products that help security pros manage access privileges are essential to IT security. Learn how to evaluate market offerings and acquire the best for your company. Continue Reading
By
- Michael Cobb
Guide 09 Aug 2018

Advances in access governance strategy and technology

Recent advances in IAM policy, strategy and technology are raising companies' ability authenticate identities and manage access to their systems and data. Continue Reading
News 03 Aug 2018
Reddit breach sparks debate over SMS 2FA

Using two-factor authentication with one-time passwords sent via SMS has come under question again after a Reddit breach was blamed on the faulty 2FA method. Continue Reading
By
- Michael Heller, TechTarget
News 24 Jul 2018
Physical security keys eliminate phishing at Google

Successful phishing attempts have been eliminated among Google employees following a requirement to use physical security keys in order to gain access to all Google accounts. Continue Reading
By
- Michael Heller, TechTarget
News 28 Jun 2018
New types of authentication take root across the enterprise

At Identiverse 2018, speakers and attendees expect a rise in two-factor authentication, as the single sign-on user password authentication falls out of favor. Continue Reading
By
- John Powers, Senior Site Editor
News 29 May 2018
Identity and access management tools add AI, microservices

AI and as-a-service platforms enable IT to take a more hands-off approach. But with adoption in the early stages, most IT pros wonder what the future holds for identity management. Continue Reading
By
- Erica Mixon
News 11 May 2018
Citrix NetScaler authentication methods help on-premises shops

In Citrix Synergy 2018 session, attendees learned about two ways to implement multifactor NetScaler authentication: Microsoft Azure Active Directory and Google ReCAPTCHA. Continue Reading
By
- Erica Mixon
News 27 Apr 2018
Sexy, but stupid: Biometrics security requires balancing risks

When it comes to biometrics, security coexists with stupidity, unless implementers take the time to understand the limits, according to Adam Englander at RSAC 2018. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 24 Apr 2018
Akamai touts network perimeter security shifts, zero-trust model

As network perimeter security grows less practical, Akamai talks at RSA Conference about moving beyond firewalls to improve authentication with a zero-trust model. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 10 Apr 2018
WebAuthn API gets standards nod from W3C, FIDO Alliance

W3C and the FIDO Alliance have given websites a new tool for doing FIDO-compliant authentication, as the WebAuthn authentication protocol is promoted to W3C Candidate Recommendation. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Tip 01 Feb 2018
Bypassing facial recognition: The means, motive and opportunity

Researchers bypassed Apple's facial recognition authentication program, Face ID, in under a week. Expert Michael Cobb explains why it's not a major cause for concern for users. Continue Reading
By
- Michael Cobb
Answer 16 Jan 2018
Advanced Protection Program: How has Google improved security?

Google added a layer to its account security system with Advanced Protection Program. Matt Pascucci explains how individuals can better defend themselves from malicious actors. Continue Reading
By
- Matthew Pascucci
Tip 14 Dec 2017
Cryptographic keys: Your password's replacement is here

As passwords become targets of phishing attacks, password management has become increasingly difficult. Expert Nick Lewis explains how cryptographic keys could replace passwords. Continue Reading
By
- Nick Lewis
Answer 11 Dec 2017
How does port swapping work to bypass two-factor authentication?

With a port swapping attack, hackers can bypass two-factor authentication and control a victim's mobile device. Judith Myerson explains how the attacks work and how to stop them. Continue Reading
By
- Judith Myerson
Security School 11 Dec 2017

CISSP Domain 5: Cloud identity management and access control

From cloud identity and access management to physical access control, this study guide will help you review key concepts from Domain 5 of the CISSP exam. Continue Reading
Tip 08 Nov 2017
Learn how to identify and prevent access control attacks

Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening. Continue Reading
By
- (ISC) 2
News 20 Oct 2017
Advanced Protection Program locks down Google accounts

Google's Advanced Protection Program greatly increases the security of user accounts, but the usability tradeoffs may not be worth it for average users. Continue Reading
By
- Michael Heller, TechTarget
Answer 20 Oct 2017
What knowledge factors qualify for true two-factor authentication?

Can two-factor authentication be applied to a mobile device that's used as a 2FA factor? Michael Cobb explores the different knowledge factors and uses for mobile devices. Continue Reading
By
- Michael Cobb
Answer 15 Aug 2017
What is the best way to secure telematics information?

SMS authentication is often used to secure telematics information, but it may not be strong enough. Expert Judith Myerson discusses why, and how to improve the protection of this data. Continue Reading
By
- Judith Myerson
Answer 06 Jul 2017
How does the Microsoft Authenticator application affect password use?

The Microsoft Authenticator application enables smartphone-based, two-factor authentication and attempts to reduce the use of passwords. Expert Matthew Pascucci explains how. Continue Reading
By
- Matthew Pascucci
News 21 Jun 2017
Ping embeds multifactor authentication security in mobile apps

At the 2017 Cloud Identity Summit, Ping Identity launched a new software development kit that will embed multifactor authentication security features in mobile apps. Continue Reading
By
- Rob Wright, Senior News Director
Answer 07 Jun 2017
How does Facebook's Delegated Recovery enable account verification?

Facebook's Delegated Recovery aims to replace knowledge-based authentication with third-party account verification. Expert Michael Cobb explains how this protocol works. Continue Reading
By
- Michael Cobb
Feature 18 May 2017
Okta Adaptive MFA gives companies flexible authentication

Okta Adaptive MFA offers businesses a range of flexible authentication methods that use different contexts to determine which factors provide users with access. Continue Reading
By
- David Strom
Feature 15 May 2017
Summing up Symantec VIP Service, a multifactor authentication tool

Expert David Strom looks at the Symantec VIP multifactor authentication product and how it can benefit enterprise security. Continue Reading
By
- David Strom
Feature 15 May 2017
An in-depth look at Gemalto's SafeNet Authentication Service

Expert David Strom provides an in-depth look at Gemalto's SafeNet Authentication Service, a SaaS-based multifactor authentication product for boosting login security. Continue Reading
By
- David Strom
Feature 11 May 2017
SecureAuth IdP: An overview of its multifactor authentication ability

Expert David Strom looks at how SecureAuth IdP uniquely combines multifactor authentication and single sign-on login capabilities in a single product. Continue Reading
By
- David Strom
Feature 10 May 2017
VASCO IDENTIKEY Authentication Server and a look at its key features

Expert David Strom takes a closer look at VASCO's IDENTIKEY Authentication Server, one of the leading multifactor authentication products on the market. Continue Reading
By
- David Strom
Feature 05 May 2017
Quest Defender protects businesses with two-factor authentication

Through the Defender Management Portal, Quest Defender lets users request hard and soft tokens to provide valuable two-factor authentication and monitor all token activity. Continue Reading
By
- David Strom
News 05 May 2017
SS7 vulnerability allows attackers to drain bank accounts

News roundup: Attackers exploit SS7 vulnerability and drain bank accounts. Plus, Trump signs government IT executive order, an Intel AMT flaw threatens millions and more. Continue Reading
By
- Madelyn Bacon, TechTarget
19 Apr 2017

Strong authentication methods: Are you behind the curve?

Continue Reading
Answer 29 Mar 2017
How does a U2F security key keep Facebook users safe?

Universal second factor devices can be used to strengthen authentication on major websites such as Facebook. Expert Matthew Pascucci explains how U2F works. Continue Reading
By
- Matthew Pascucci
Opinion 23 Mar 2017
The best SSO for enterprises must be cloud and mobile capable

The best SSO today can handle the apps mobile workers use, identity as a service and more. Learn to make single sign-on, and other identity management approaches, more effective. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
Tip 23 Mar 2017
Enterprise SSO: The promise and the challenges ahead

It was inevitable that enterprise SSO would encounter the cloud. Learn how to adjust your company's approach to single sign-on so it keeps working well. Continue Reading
By
- Rob Shapland
News 16 Feb 2017
Q&A: Yubico brings FIDO authentication protocol to the masses

Yubico founder and CEO Stina Ehrensvard spoke with SearchSecurity at RSAC 2017 about FIDO authentication and how Google uses it to secure logins and cut costs. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 03 Feb 2017
Google G Suite updates aim to improve phishing protection

News roundup: Google updates G Suite with stronger authentication. Plus, WordPress secretly patches vulnerabilities, malware is likely to infect entire OSes, and more. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 18 Jan 2017
How do facial recognition systems get bypassed by attackers?

Researchers found that facial recognition systems can be bypassed with 3D models. Expert Nick Lewis explains how these spoofing attacks work and what can be done to prevent them. Continue Reading
By
- Nick Lewis
News 17 Jan 2017
Gmail phishing campaign uses real-time techniques to bypass 2FA

Researchers saw a Gmail phishing campaign in the wild using clever tricks to access accounts including a difficult 2FA bypass only possible in real time. Continue Reading
By
- Michael Heller, TechTarget
Answer 04 Jan 2017
How can two-factor authentication systems be used effectively?

Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and effectively implement 2FA. Continue Reading
By
- Michael Cobb
Tip 03 Jan 2017
FIDO authentication standard could signal the passing of passwords

The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies. Continue Reading
By
- Michael Cobb
Answer 02 Jan 2017
What new NIST password recommendations should enterprises adopt?

NIST is coming up with new password recommendations for the U.S. government. Expert Michael Cobb covers the most important changes that enterprises should note. Continue Reading
By
- Michael Cobb
Feature 01 Jun 2016
Strong authentication methods: Are you behind the curve?

Not sure who's really behind that username and password? Google, Facebook and others may finally give multifactor authentication technology the 'push' it needs. Continue Reading
By
- Dan Sullivan