Multi Factor Authentication

Read all about the best Multi Factor Authentication methods on the Octopusblog. Learn about the difference between authentication factors and there pros and cons.

Passwordless Authentication will Become a Business Advantage in 2019

By Secret Double Octopus Staff|January 1st, 2019|Categories: In the News|Tags: , , |

Published at TechRadar on December 31st by Raz Rafaeli  At RSA’s 2004 security conference, Bill Gates predicted “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything you really want to secure.” A pertinent truth that is often forgotten when discussing the importance of [...]

Virtual Desktop (VDI) Authentication

By Amit Rahav|December 20th, 2018|Categories: Articles|Tags: , , , |

The Bring Your Own Device (BYOD) approach is highly embraced by organizations, connecting users to corporate networks to reduce costs or as an easy solution for remote workers. The main beneficiaries of the trend are Virtual Desktop Infrastructure (VDI) such as Citrix, VMware and Microsoft,  For many organizations and companies, Virtual Desktops provide an interesting option to connect their employees to [...]

Privileged Users are Privileged Targets

By Amit Rahav|December 17th, 2018|Categories: Articles|Tags: , , |

By any measurement, Privileged Access Management (PAM) has drastically changed the way enterprises protect access to critical systems. Using credential vaults and other session control tools, PAM has allowed managers to maintain privileged identities while significantly decreasing the risk of their compromise. Both industry leaders Forrester and Gartner have placed privileged management as a top priority for CISO’s. And it’s no [...]

Password- Based Authentication: Vulnerabilities And Alternative Solutions

By Shimrit Tzur-David|December 5th, 2018|Categories: Articles|Tags: , , , , , |

The password has been the staple of authentication for years. While passwords are still very much a part of our information technology landscape, they have been on the decline for more than a decade. “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything [...]

Credential Stuffing – HSBC Case Study

By Inbal Voitiz|November 26th, 2018|Categories: Articles|Tags: , , |

Earlier this month, HSBC Bank, one of the seven largest financial organizations in the world, issued a warning to its customers that their personal information may have been compromised in a recent data breach. HSBC officials say the breach appeared to run from the 4th through the 14th of October. After spotting the breach, the bank announced that it had "suspended [...]

VPN MFA – The Gateway to the Kingdom

By Amit Rahav|November 22nd, 2018|Categories: Articles|Tags: , , |

Enterprises have long used Virtual Private Networks (VPN) to protect their systems and provide a secure work environment. In today’s dynamic business climate, VPN’s have become even more essential. Private networks are now commonly used for organizations that want to give their employees remote, unfettered access to their private servers. With the security and flexibility they provide, it’s no wonder why [...]

Man in the Browser (MITB)

By Amit Rahav|November 1st, 2018|Categories: Articles|Tags: , , |

On the Octopus Blog, we take a keen interest in the most prevalent hacks used by cybercriminals today. Understanding the science and methodology behind these attacks can help users be better prepared and equipped to protect their data and digital identities. Among the more nefarious techniques employed by hackers, the Man-in-the-Middle (MITM) is a particularly nasty one. A well-executed attack can [...]

The UN Unexpected Example of Poor Password Management

By Amit Rahav|October 4th, 2018|Categories: Articles|Tags: , , , |

A couple weeks ago, we covered the West Australian government’s security audit here on the Octopus Blog. The section of the governmental audit’s research into cyber security practices unveiled some pretty disturbing facts. Given the opportunity, users will choose the most obvious, easiest to guess passwords, leaving them wide-open targets for cyber criminals. While the size and scope of this phenomenon [...]

Navigating the NIST AIM Guidelines

By Amit Rahav|August 16th, 2018|Categories: Articles|Tags: , |

  If the barrage of recent data breaches tells us anything, it’s that digital identity is the new battleground in information security. According to Symantec’s Internet Security Threat Report, 1.1 billion identities were stolen in 2016 alone. Armies of botnets are attempting to reuse and harvest stolen credentials in drive-by downloads or targeted phishing scams—all while we are still struggling with [...]

Reddit – Where CISO’s Go to Get Hacked

By Shimrit Tzur-David|August 14th, 2018|Categories: Articles|Tags: , , |

Yet another major enterprise has fallen victim to insecure identity protocols. The social network giant Reddit reported earlier this month that hackers had succeeded in breaching the company’s databases, exposing both usernames and passwords. Although cybercriminals were not able to alter any of Reddit’s information or source code, the companies Chief Technology Officer Christopher Slowe, admitted the hack was a serious [...]

Before you Get a Physical Security Token – What you Need to Know

By Shimrit Tzur-David|August 2nd, 2018|Categories: Articles|Tags: , , , , |

Last week Google announced that it will create its own physical universal second-factor authenticator that leverages the FIDO Alliance (Fast Identity Online). FIDO was designed to put an end to the tradeoff between fast, easy access on the one hand, and robust authentication security on the other. With the authentication scheme growing in popularity, several tech manufacturers like Yubico and Feitian [...]

Windows Hello for Business – Review

By Amit Rahav|July 19th, 2018|Categories: Articles|Tags: , , , |

Just a few years ago, biometric logins were the stuff of science fiction and technophiles. Today, the market has produced a slew of tools that have made biometrics available for the common user. Microsoft’s biometric solution, Windows Hello for Business (WHB), is one of the industries most successful platforms designed for enterprise-wide use. Let’s start with the basics: What Does it [...]

How Does Passwordless Authentication Work? (Part 1)

By Amit Rahav|July 9th, 2018|Categories: Articles|Tags: , , |

Being in the industry of authentication, we get quite a lot of questions on the topic, especially on how to get rid of passwords while maintaining a high level of assurance. To make access to this information a bit easier, we decided to put out a blog series with answers to the most commonly asked questions. Here’s the rundown of ongoing [...]