Secret Double Octopus Named “Best in Class” | Read Aite's 2021 Passwordless Report
Aite Group Passwordless Matrix Report 2021

Octopus blog

Password Policies are Useless


Wednesday April 21, 2021

Why password policies are a waste of time and money

Every year, billions of personal and corporate accounts get hacked. And every year, organizations respond in the same way: Enforcing stricter password policies. The result? A false sense of accomplishment and a short-lived boost to security, followed by a return to the usual: insecure passwords and, of course, more compromised accounts. In this post, we...
Read more

About Octopus

Secret Double Octopus is the passwordless authentication solution for the enterprise. We liberate end-users and security teams from the burden of passwords with the simplicity and security of strong passwordless authentication.

Where should CISOs Invest?


Thursday December 3, 2020

Where should CISOs put their money in 2021?

CISOs undeniably faced a new hosting of challenges across the board this year due to the global pandemic. As we approach the end of the year, not only is it a good time to reflect on the past year but prepare for what the foreseeable future holds for enterprise cybersecurity. As enterprises continue to adjust...
Read more

Authentication vs. Authorization


Thursday November 5, 2020

Authentication vs. Authorization – What is the Difference Exactly?

The distinction between authentication and authorization is many times missed or confused. Some of the confusion has to do with the fact that the short form for authentication and authorization is the same – “auth” – so a delegated authorization scheme like OAUTH can be easily confused with something that has to do with authentication....
Read more

Are 2FA and MFA the Answer?


Tuesday September 15, 2020

Are 2FA and MFA an Answer to Password Fatigue?

“123456.” That’s the most popular password of 2020. Closely followed by “123456789.” At this point, it’s not even funny.  Passwords failed as an adequate protection method a long time ago. Credential dumps that expose millions of passwords each year, combined with the tendency to reuse passwords across multiple apps and services, are a recipe for...
Read more

What is SAML and how it's used?


Thursday September 3, 2020

What is SAML and how is it being used?

What is SAML? Security Assertion Markup Language (SAML) is a computer protocol that allows users to reuse their authentication credentials to log into multiple applications, instead of setting up new accounts with new credentials for every application. SAML is not the only protocol that does this. OpenID Connect (ODIC), for example, is a very popular...
Read more

Top 6 Password Attacks


Thursday August 27, 2020

Top 6 Password Attacks and How to Prevent Them

Passwords are highly vulnerable and extremely valuable, and therefore a high-value target for attackers. There are numerous attacks on passwords. Here’s an overview of the main tactics: Social Engineering Social Engineering attacks misdirect users to malicious websites that impersonate legitimate ones and ask them for their passwords (and possibly other credentials like one-time passcode, etc.)....
Read more

Visit the OctoCampus

Get a crash course in passwordless authentication at our campus to learn all about modern workforce authentication technologies and standrads!

Protecting Healthcare Professionals


Monday August 10, 2020

Protecting Health Professionals and Medical Infrastructure

Medical professionals are working in high-stress environments where human lives are at stake on a daily basis. High-paced and often unpredictable working conditions mean that data security is often the last thing on the mind of medical personnel. And that is the way it should be. Doctors, nurses, and administrative staff should be 100% focused...
Read more

Fight Insider Threats with Passwordless


Monday July 20, 2020

Fight Insider Threats with Passwordless Authentication 

What Is an Insider Threat?  Formally speaking, an insider threat is any vulnerability, exploit, or potential means of attack created, intentionally or unintentionally, by legitimate users within the organization. These ‘insiders’ may be currently or formerly employed by the attacked organization, or outsiders contracted to perform services and given lawful access by the company. In the context of cybersecurity, insider threat usually relates to the use of privileged accounts in order to abuse resources, interfere with processes, or access sensitive data.  Needless to say,...
Read more

Handling Passwords Under GDPR


Monday June 22, 2020

How to handle passwords under GDPR

Two key regulations that have impacted the security and privacy landscape are the European Unions General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Although both legislations are applicable to their own jurisdictions, they have considerable impact on how companies around the globe operate. We live in a globalized online economy, where your business can have customers across the world, and you should be careful not to run afoul of...
Read more

Passwords vs. PINs


Tuesday June 9, 2020

Put a PIN in that: why passwords vs. PINs comparisons are irrelevant

Your IT: “Your account is now secured with a PIN, adding an extra layer of security to your account.” Your Users: “Great idea! I’ll just use my credit card PIN, and now I will always remember my computer PIN too!”  Many security managers have struggled with similar exchanges in recent years, as the business world continuously examines added...
Read more