The Octopus Blog

Are 2FA and MFA an Answer to Password Fatigue?

By Inbal Voitiz|September 15th, 2020|Categories: Articles|

"123456." That's the most popular password of 2020. Closely followed by "123456789." At this point, it's not even funny. Passwords failed as an adequate protection method a long time ago. Credential dumps that expose millions of passwords each year, combined with the tendency to reuse passwords across multiple apps and services, are a recipe for disaster. And you really can't blame [...]

What is SAML and how is it being used?

By Inbal Voitiz|September 3rd, 2020|Categories: Articles|

What is SAML? Security Assertion Markup Language (SAML) is a computer protocol that allows users to reuse their authentication credentials to log into multiple applications, instead of setting up new accounts with new credentials for every application. SAML is not the only protocol that does this. OpenID Connect (ODIC), for example, is a very popular authentication protocol for consumer applications that [...]

Top 6 Password Attacks and How to Prevent Them

By Inbal Voitiz|August 27th, 2020|Categories: Articles|

Passwords are highly vulnerable and extremely valuable, and therefore a high-value target for attackers. There numerous attacks on passwords. Here's an overview of the main tactics: Social Engineering Social Engineering attacks misdirect users to malicious websites that impersonate legitimate ones and ask them for their passwords (and possibly other credentials like one-time passcode, etc.). Once users enter their passwords on a [...]

Protecting Health Professionals and Medical Infrastructure

By Inbal Voitiz|August 10th, 2020|Categories: Articles|Tags: Corporate Account Takeover, passwordelss enterprise, Passwordless, Remote Access, Virtual Private Network (VPN)|

Medical professionals are working in high-stress environments where human lives are at stake on a daily basis. High-paced and often unpredictable working conditions mean that data security is often the last thing on the mind of medical personnel. And that is the way it should be. Doctors, nurses, and administrative staff should be 100% focused on the main task at hand [...]

Securing Remote Access Users

By Raz Rafaeli|July 28th, 2020|Categories: Articles|Tags: Corporate Account Takeover, passwordelss enterprise, Passwordless, Remote Access, Virtual Private Network (VPN)|

COVID19 is driving a spike in phishing attacks that exploit the uncertainty and anxiety brought on by these truly unprecedented times. With unemployment rates skyrocketing and many companies furloughing their employees, attackers are taking advantage of financial and career fears. State-backed hackers are also on a rampage, attacking pharmaceutical companies and research institutions working on treatments for the novel disease, trying to get [...]

Fight Insider Threats with Passwordless Authentication

By Inbal Voitiz|July 20th, 2020|Categories: Articles|Tags: Corporate Account Takeover, insider-threat, Multi Factor Authentication, passwordelss enterprise, Passwordless, Remote Access|

What Is an Insider Threat? Formally speaking, an insider threat is any vulnerability, exploit, or potential means of attack created, intentionally or unintentionally, by legitimate users within the organization. These ‘insiders’ may be currently or formerly employed by the attacked organization, or outsiders contracted to perform services and given lawful access by the company. In the context of cybersecurity, insider threat usually relates to the use of privileged accounts in order to abuse resources, interfere with processes, or access sensitive data. Needless to say, the ramifications of an attacker getting [...]

Gartner’s 2020 “Market Guide for User Authentication” Report

By Secret Double Octopus Staff|July 12th, 2020|Categories: In the News|

Secret Double Octopus is proud to be included in Gartner’s “Market Guide for User Authentication” report for the 3rd time As one of the world’s most renowned research companies, Gartner regularly examines the user authentication landscape and reports important industry trends, technological innovations and emerging market needs. This year’s report contains several interesting findings such as the growing demand for a [...]

3 Pillars of Digital Transformation: Cost, Usability, and Security

By Shimrit Tzur-David|June 30th, 2020|Categories: Articles|Tags: 2FA, 2nd factor authentication, Multi Factor Authentication, passwordelss enterprise, Passwordless, PIN, Remote Access|

Digital transformation is nothing new. Enterprises have been striving to achieve digital El Dorado for over a decade now, looking to solve usability and security issues and improve the quality of work and service. Yet, the progress has been slow, to say the least. It’s not that companies do not understand the value. It has been widely accepted that digital transformation is THE thing to strive for. After all, digital-first [...]

How to handle passwords under GDPR

By Inbal Voitiz|June 22nd, 2020|Categories: Articles|Tags: 2FA, 2nd factor authentication, Multi Factor Authentication, passwordelss enterprise, Passwordless, PIN, Remote Access|

Two key regulations that have impacted the security and privacy landscape are the European Unions General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Although both legislations are applicable to their own jurisdictions, they have considerable impact on how companies around the globe operate. We live in a globalized online economy, where your business can have customers across the world, and you should be careful not to run afoul of any of these regulatory measures, and others [...]

Put a PIN in that: why passwords vs. PINs comparisons are irrelevant

By Inbal Voitiz|June 9th, 2020|Categories: Articles|Tags: 2FA, 2nd factor authentication, Multi Factor Authentication, passwordelss enterprise, Passwordless, PIN, Remote Access|

Your IT: "Your account is now secured with a PIN, adding an extra layer of security to your account." Your Users: "Great idea! I'll just use my credit card PIN, and now I will always remember my computer PIN too!" Many security managers have struggled with similar exchanges in recent years, as the business world continuously examines added security layers for employees and users [...]

Secret Double Octopus’s CEO featured on DarkReading about securing government contractors

By Secret Double Octopus Staff|June 3rd, 2020|Categories: In the News|

Raz Rafaeli, CEO and Co-Founder of Secret Double Octopus wrote an article on how to comply with NIST and DFARS password-related requirements Read full article

1 2 3 Next

Secret Double Octopus liberates users and organizations from the pain of passwords. For the first time, users no longer need to reset and remember a password, and can enjoy a consistent login experience throughout their work day. Organizations gain the benefits of high assurance and credential control across domain accounts, VPN, cloud applications and virtually all legacy apps, and the significant cost savings that comes from eliminating passwords.

The technology offers a superior level of assurance due to unique use of unbreakable algorithms for key exchange, preventing known vulnerabilities in traditional authenticator architectures.
Founded in 2015, the company delivers its zero-password MFA solutions to fortune 100 companies worldwide.

The Octopus Blog

Get in Touch

Get in Touch With Sales