Items Tagged with "Authentication"


A Windows Authentication Flaw Allows Deleted/Disabled Accounts to Access Corporate Data

May 06, 2014 Added by:Tal Be'ery

Since Kerberos authentication and authorization is based solely on the ticket – and not on the user’s credentials, it means that disabling the user’s account has no effect on their ability to access data and services.

Comments  (0)

The Road To Identity Relationship Management

November 04, 2013 Added by:Simon Moffatt

The modern enterprise workforce will contain contractors, freelancers and even consumers themselves. Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction. If a platform exists where their identity can be harnessed, a new, more agile go-to-market approach can be developed.

Comments  (0)

Mitigate Security Risk Before Your Business Collapses

July 11, 2013 Added by:Jan Valcke

Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.

Comments  (0)

CloudBeat 2012 - "Whose job is cloud security?"

December 11, 2012 Added by:Rafal Los

People are still stuck on authentication, mainly passwords. We as an industry or customer base haven't been very good at figuring out how to manage identities, without sticking our customers with a million different sites which don't share common identities...

Comments  (0)

What Makes My Passwords Vulnerable?

November 25, 2012 Added by:Robert Siciliano

Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using 123456. The next most popular password was 12345. Other common choices are 111111, princess, qwerty, and abc123. Avoid these types of passwords, which are easily guessed...

Comments  (0)

E-mailing Passwords - Practice What You Preach

November 19, 2012 Added by:Bill Mathews

That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...

Comments  (6)

Four Turning Points in Cybersecurity History

November 18, 2012 Added by:Tripwire Inc

Enterprises adopted reputable standards for secure configurations, and implemented repeatable practices for creating secure infrastructure. This shift dramatically reduced the attack surface of enterprises, greatly increasing the difficulty of achieving a successful attack...

Comments  (0)

On Password Hell

November 06, 2012 Added by:Joel Harding

I had one sysadmin a few years ago who demanded we all use 64 character passwords and every other character had to switch type. It was something like ^y?M3aI`B[a/ and so on... It took two minutes to type it in and I had to carry a paper with the password written on it. I was so glad when he left...

Comments  (1)

Please Don’t Tell Me You’re Still Using SSNs as IDs!

November 05, 2012 Added by:Rebecca Herold

I’ve been occasionally revisiting the topic of laws and regulations prohibiting the use of SSNs, most recently in 2008 when I identified over 45 U.S. federal and state laws regulating, and often prohibiting, the use of SSNs as identifiers. I provide pointers at the end of this post to some other reports...

Comments  (0)

Does it Make Sense to Keep Changing Your Passwords?

October 31, 2012 Added by:Rafal Los

I'm running a small experiment on myself in which I've set up an account on a public, high-traffic web-based system out there that has a ton of my personal information. I've not changed my password in almost 6 months, but I still feel relatively good and certain that I am the only one who has access to my stuff...

Comments  (0)

Is it really so simple to crack your password?

October 29, 2012 Added by:Pierluigi Paganini

The numerous attacks and data breaches that occurred during the last 12 months demonstrate that, despite attention to security, the principal causes of the incidents are leak of authentication processes, absence of input validation on principal applications, and of course the human factor...

Comments  (0)

Ask The Experts: Online Banking

October 24, 2012 Added by:Brent Huston

Instead of using your actual name as your login, why not use something different that is hard to guess and doesn’t reveal anything about your identity? It always pays to make it as tough on the cyber-criminals as possible...

Comments  (0)

Sidestepping Microsoft SQL Server Authentication

October 21, 2012 Added by:Brandon Knight

Penetration testers love compromising systems during assessments, and the most important portion of a penetration test is getting access to critical data and systems. So, post exploitation I generally head for the database servers. Depending on the permissions of the target there may be another hurdle to bypass...

Comments  (2)

eSignatures Go Keyless in the Cloud

October 02, 2012 Added by:Victor Cruz

It has been 12 years since the US passed a law to facilitate the use of electronic records and electronic signatures. Called the Electronic Signatures in Global and National Commerce Act (ESIGN), its general intent in black and white is quoted in the very first section of the legislation...

Comments  (0)

Anomaly Detection: Front-Door Infrastructure Security

September 23, 2012 Added by:Larry Karisny

So what if we could create an anomaly algorithm that could audit, detect and approve positive input events in business processes. And if we could do this then wouldn’t risk management and security actually just be a byproduct of allowing these positive business events to occur?

Comments  (1)

Will Your Smartphone Become your Wallet?

September 05, 2012 Added by:Allan Pratt, MBA

Will all smartphone users feel comfortable transforming them into wallets? What about security? What if you lose your phone and the person who finds it hacks into your accounts? Now, these cool capabilities don’t sound so impressive. In fact, there are some serious consequences...

Comments  (0)
