Items Tagged with "Authentication"


Businesses Should Take a Pass on Traditional Password Security

August 04, 2015 Added by:Geoff Sanders

Historical forms of authentication were never meant for the networked landscape we live in today. The first passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.

Comments  (0)


A Windows Authentication Flaw Allows Deleted/Disabled Accounts to Access Corporate Data

May 06, 2014 Added by:Tal Be'ery

Since Kerberos authentication and authorization is based solely on the ticket – and not on the user’s credentials, it means that disabling the user’s account has no effect on their ability to access data and services.

Comments  (0)


The Road To Identity Relationship Management

November 04, 2013 Added by:Simon Moffatt

The modern enterprise workforce, will contain contractors, freelancer and even consumers themselves. Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction. If a platform exists where their identity can be harnessed, a new more agile go to market approach can be developed.

Comments  (0)


Mitigate Security Risk Before Your Business Collapses

July 11, 2013 Added by:Jan Valcke

Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.

Comments  (0)


CloudBeat 2012 - "Whose job is cloud security?"

December 11, 2012 Added by:Rafal Los

People are still stuck on authentication, mainly passwords. We as an industry or customer base haven't been very good at figuring out how to manage identities, without sticking our customers with a million different sites which don't share common identities...

Comments  (0)


What Makes My Passwords Vulnerable?

November 25, 2012 Added by:Robert Siciliano

Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using 123456. The next most popular password was 12345. Other common choices are 111111, princess, qwerty, and abc123. Avoid these types of passwords, which are easily guessed...

Comments  (0)


E-mailing Passwords - Practice What You Preach

November 19, 2012 Added by:Bill Mathews

That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...

Comments  (6)


Four Turning Points in Cybersecurity History

November 18, 2012 Added by:Tripwire Inc

Enterprises adopted reputable standards for secure configurations, and implemented repeatable practices for creating secure infrastructure. This shift dramatically reduced the attack surface of enterprises, greatly increasing the difficulty of achieving a successful attack...

Comments  (0)


On Password Hell

November 06, 2012 Added by:Joel Harding

I had one sysadmin a few years ago who demanded we all use 64 character passwords and every other character had to switch type. It was something like ^y?M3aI`B[a/ and so on... It took two minutes to type it in and I had to carry a paper with the password written on it. I was so glad when he left...

Comments  (1)


Please Don’t Tell Me You’re Still Using SSNs as IDs!

November 05, 2012 Added by:Rebecca Herold

I’ve been occasionally revisiting the topic of laws and regulations prohibiting the use of SSNs, most recently in 2008 when I identified over 45 U.S. federal and state laws regulating and often prohibiting, the use of SSNs as identifiers. I provide pointers at the end of this post to some other reports...

Comments  (0)


Does it Make Sense to Keep Changing Your Passwords?

October 31, 2012 Added by:Rafal Los

I'm running a small experiment on myself in which I've set up an account on a public, high-traffic web-based system out there that has a ton of my personal information. I've not changed my password in almost 6 months, but I still feel relatively good and certain that I am the only one who has access to my stuff...

Comments  (0)


Is it really so simple to crack your password?

October 29, 2012 Added by:Pierluigi Paganini

The numerous attacks and data breaches occurred during the last 12 months demonstrate that despite attention to security, the principal causes of the incidents are leak of authentication processes, absence of input validation on principal applications, and of course the human factor...

Comments  (0)


Ask The Experts: Online Banking

October 24, 2012 Added by:Brent Huston

Instead of using your actual name as your login, why not use something different that is hard to guess and doesn’t reveal anything about your identity? It always pays to make it as tough on the cyber-criminals as possible..

Comments  (0)


Sidestepping Microsoft SQL Server Authentication

October 21, 2012 Added by:Brandon Knight

Penetration testers love compromising systems during assessments, and the most important portion of a penetration test is getting access to critical data and systems. So, post exploitation I generally head for the database servers. Depending on the permissions of the target there may be another hurdle to bypass...

Comments  (2)


eSignatures Go Keyless in the Cloud

October 02, 2012 Added by:Victor Cruz

It has been 12 years since the US passed a law to facilitate the use of electronic records and electronic signatures. Called the Electronic Signatures in Global and National Commerce Act (ESIGN), its general intent in black and white is quoted in the very first section of the legislation...

Comments  (0)


Anomaly Detection: Front-Door Infrastructure Security

September 23, 2012 Added by:Larry Karisny

So what if we could create an anomaly algorithm that could audit, detect and approve positive input events in business processes. And if we could do this then wouldn’t risk management and security actually just be a byproduct of allowing these positive business events to occur?

Comments  (1)

Page « < 1 - 2 - 3 - 4 - 5 > »