Password- Based Authentication: Vulnerabilities And Alternative Solutions

The password has been the staple of authentication for years. While passwords are still very much a part of our information technology landscape, they have been on the decline for more than a decade. “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything [...]

Credential Stuffing – HSBC Case Study

Earlier this month, HSBC Bank, one of the seven largest financial organizations in the world, issued a warning to its customers that their personal information may have been compromised in a recent data breach. HSBC officials say the breach appeared to run from the 4th through the 14th of October. After spotting the breach, the bank announced that it had "suspended [...]

VPN MFA – The Gateway to the Kingdom

Enterprises have long used Virtual Private Networks (VPN) to protect their systems and provide a secure work environment. In today’s dynamic business climate, VPN’s have become even more essential. Private networks are now commonly used for organizations that want to give their employees remote, unfettered access to their private servers. With the security and flexibility they provide, it’s no wonder why [...]

Understanding Today’s Data Regulations (Part 2)

In our first post on data regulations, we laid out the facts on some of the most important organizations influencing the world of IT’s industry standards. To help understand the ins and outs of these groups matter, and how they affect digital authentication, we put together the who, what, and where of each regulation. In this second post in the series, [...]

Man in the Browser (MITB)

On the Octopus Blog, we take a keen interest in the most prevalent hacks used by cybercriminals today. Understanding the science and methodology behind these attacks can help users be better prepared and equipped to protect their data and digital identities. Among the more nefarious techniques employed by hackers, the Man-in-the-Middle (MITM) is a particularly nasty one. A well-executed attack can [...]

Zero Password Multifactor Authentication Comes to Enterprise Mac Users

Secret Double Octopus, the leader in password-free, high assurance authentication is proud to announce its latest innovation: Password-Free Login for Mac Users Today’s enterprises require the capability to access their data through a full range of mediums, either on premises or in the cloud. More often than not, this means harnessing management tools native to Windows such as Active Directory. But [...]

By |October 24th, 2018|Categories: Articles|Tags: |

Understanding Today’s Data Regulations Pt.1

Data regulation. Some are restrictions aim to protect users and some are a framework for better organizations security. The modern phenomenon is set as the legal system is catching up with the ever-expanding connected world we live at, if you agree with regulatory oversight or not the sweeping effects on the world of digital information is enormous.How companies handle private data, [...]

California Weak Password Ban

In new legislation, California decided to ban easy to guess, default passwords. The bill entitled SB-327, or Information Privacy: Connected Devices demands that electronics manufacturers in California equip their products with "reasonable" security features. What does this mean practically for users? All those generic passwords such as “Admin” and “Password” will be prohibited. Starting 2020 when the law comes into effect, [...]

The Ultimate Guide to Man in the Middle (MITM) Attacks and How to Prevent them

In the realm on protecting digital information, a man-in-the-middle (MITM) attack is one of the worst things that can happen to an individual or organization. MITM attacks happen when an unauthorized actor manages to intercept and decipher communications between two parties and monitors or manipulates the exchanged information for malicious purposes. For instance, hackers can stage MITM attacks to steal sensitive [...]

The UN Unexpected Example of Poor Password Management

A couple weeks ago, we covered the West Australian government’s security audit here on the Octopus Blog. The section of the governmental audit’s research into cyber security practices unveiled some pretty disturbing facts. Given the opportunity, users will choose the most obvious, easiest to guess passwords, leaving them wide-open targets for cyber criminals. While the size and scope of this phenomenon [...]

Certificates and Inherit Trust

On the Octopus Blog, we’ve delved quite a bit into the vulnerabilities of contemporary encryption standards. The system of Public Key Infrastructure (PKI) which forms the basis of most of the worlds authentication platforms, while presenting a powerful, easy to use encryption model, still left several holes through which attackers can breach networks and steal identities. Perhaps the single biggest problem [...]

Practice What you Preach – IT’s Achilles Heel

Thus goes the old adage. Of all the fields we would expect the ‘experts’ to follow their own rules, data security would probably be it. With a growing list of high profile hacks caused by poor security practices, infosec professionals are well aware what’s at risk from being careless in this area. Unfortunately, the data suggests that even the pros are [...]

By |September 17th, 2018|Categories: Articles|Tags: , |

What a Government Security Audit Teaches us About Password Vulnerabilities

Security firms and experts constantly encourage companies and organizations to enforce strong password policies to prevent the accounts of their employees and users from getting hacked. But what happens when an organization does enforce password policies? Employees knowingly find workarounds and continue to choose weak passwords that conform to those policies. At least that’s what a recent audit of 17 Western [...]

By |September 3rd, 2018|Categories: Articles|Tags: , |
Howdy,
Search exact
Search sentence
Buy Premium Version to add more powerful tools to this place. https://wpclever.net/downloads/wp-admin-smart-search