authentication
Microsoft is right, mandatory password changes are obsolete
Microsoft has recently come out and said that mandatory password changing is ancient and obsolete. This goes directly against everything we were trained to think for the last …
The probability that an EV SSL certificate is associated with a bad domain is 0.013%
In 2018, phishing attacks were attempted 482.5 million times, more than doubling the number of incidents in 2017. New research conducted by the Georgia Institute of Technology …
How to secure your data as you go digital
To scale more efficiently and serve customers better, companies are moving more workloads and services to the cloud. According to IDG, 37 percent of companies are increasing …
The rise of biometrics and passwordless security
Whether you realize it or not, our current era of mobile and cloud computing can be defined, both positively and negatively, by shared secrets. Shared secrets — passwords, …
How AI can improve user experience and security for the finance industry
For the last 50 years, the fundamental and largely unchanged model for identifying and authenticating users has been based on the combination of a username and password, …
True passwordless authentication is still quite a while away
The password has been one of the great inventions in the history of computing: a solution that allowed simple and effective identity and access management when the need arose …
Certificate-related outages impact the reputation of financial services organizations
Financial services organizations are more likely to have digital certificate-related outages than other industries, a Venafi study reveals. Over 100 CIOs in the financial …
Enterprises catching up with the explosion of cloud use and shadow IT in the workplace
Businesses worldwide are gaining control of previously unmonitored and unsupported cloud applications and devices, known as shadow IT, that lurk in their IT environments, …
Companies still don’t understand the importance of DMARC adoption
By implementing DMARC, brands lower the odds of their domains being spoofed and used for phishing attacks on recipients. Still, 79.7% of all domains analyzed have no DMARC …
Avoiding a biometric dystopia
In part one of our two-part series, we explored how biometric authentication methods are being defeated. In the second part, we’ll explore how manipulating biometrics can …
How well are healthcare organizations protecting patient information?
Healthcare organizations have high levels of confidence in their cybersecurity preparedness despite most of them using only basic user authentication methods in the face of an …
German banks to stop using SMS to deliver second authentication/verification factor
German banks are moving away from SMS-based customer authentication and transaction verification (called mTAN or SMS-TAN), as the method is deemed to be too insecure. …