Read all about the best Multi Factor Authentication methods on the Octopusblog. Learn about the best authentication techniques for different operating systems, the flaws of single-sign-on, and the most up-to-date technologies for multi-factor, such as SMS, and push notifications.

Password- Based Authentication: Vulnerabilities And Alternative Solutions

The password has been the staple of authentication for years. While passwords are still very much a part of our information technology landscape, they have been on the decline for more than a decade. “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything [...]

Credential Stuffing – HSBC Case Study

Earlier this month, HSBC Bank, one of the seven largest financial organizations in the world, issued a warning to its customers that their personal information may have been compromised in a recent data breach. HSBC officials say the breach appeared to run from the 4th through the 14th of October. After spotting the breach, the bank announced that it had "suspended [...]

VPN MFA – The Gateway to the Kingdom

Enterprises have long used Virtual Private Networks (VPN) to protect their systems and provide a secure work environment. In today’s dynamic business climate, VPN’s have become even more essential. Private networks are now commonly used for organizations that want to give their employees remote, unfettered access to their private servers. With the security and flexibility they provide, it’s no wonder why [...]

Man in the Browser (MITB)

On the Octopus Blog, we take a keen interest in the most prevalent hacks used by cybercriminals today. Understanding the science and methodology behind these attacks can help users be better prepared and equipped to protect their data and digital identities. Among the more nefarious techniques employed by hackers, the Man-in-the-Middle (MITM) is a particularly nasty one. A well-executed attack can [...]

The UN Unexpected Example of Poor Password Management

A couple weeks ago, we covered the West Australian government’s security audit here on the Octopus Blog. The section of the governmental audit’s research into cyber security practices unveiled some pretty disturbing facts. Given the opportunity, users will choose the most obvious, easiest to guess passwords, leaving them wide-open targets for cyber criminals. While the size and scope of this phenomenon [...]

Navigating the NIST AIM Guidelines

  If the barrage of recent data breaches tells us anything, it’s that digital identity is the new battleground in information security. According to Symantec’s Internet Security Threat Report, 1.1 billion identities were stolen in 2016 alone. Armies of botnets are attempting to reuse and harvest stolen credentials in drive-by downloads or targeted phishing scams—all while we are still struggling with [...]

Reddit – Where CISO’s Go to Get Hacked

Yet another major enterprise has fallen victim to insecure identity protocols. The social network giant Reddit reported earlier this month that hackers had succeeded in breaching the company’s databases, exposing both usernames and passwords. Although cybercriminals were not able to alter any of Reddit’s information or source code, the companies Chief Technology Officer Christopher Slowe, admitted the hack was a serious [...]

Before you Get a Physical Security Token – What you Need to Know

Last week Google announced that it will create its own physical universal second-factor authenticator that leverages the FIDO Alliance (Fast Identity Online). FIDO was designed to put an end to the tradeoff between fast, easy access on the one hand, and robust authentication security on the other. With the authentication scheme growing in popularity, several tech manufacturers like Yubico and Feitian [...]

Windows Hello for Business – Review

Just a few years ago, biometric logins were the stuff of science fiction and technophiles. Today, the market has produced a slew of tools that have made biometrics available for the common user. Microsoft’s biometric solution, Windows Hello for Business (WHB), is one of the industries most successful platforms designed for enterprise-wide use. Let’s start with the basics: What Does it [...]

Passwordless Authentication Frequently Asked Questions (Part 1)

Being in the industry of authentication, we get quite a lot of questions on the topic, especially on how to get rid of passwords while maintaining a high level of assurance. To make access to this information a bit easier, we decided to put out a blog series with answers to the most commonly asked questions. Here’s the rundown of ongoing [...]

Why Passwordless Authentication is Essential for VPN’s

As the modern workforce becomes increasingly more mobile, businesses are allocating more and more on resources to secure remote connections. For years, Virtual Private Networks, or VPNs, have been the standard bearer for remote access. VPNs allow users to transfer sensitive data across a public network as if their devices were directly connected to private one. The New Paradigm Unfortunately, the [...]

What to Look for in Identity and Access Management Solutions?

Effective identity and access management platform is likely the single most important responsibility for today’s chief information security officers (CiSO). Information and Access Management, or IAM, is the bread and butter of securing a network, ensuring access to data and applications is controlled and uncompromising. IAM plays a vital role in a company’s overall security framework. Having an effective strategy enables [...]

Howdy,
Search exact
Search sentence
Buy Premium Version to add more powerful tools to this place. https://wpclever.net/downloads/wp-admin-smart-search