State Sponsored Identity Breaches

By Shimrit Tzur-David|November 27th, 2019|Categories: Uncategorized|Tags: , , |

Cybersecurity officials in Bulgaria revealed news of a massive hack that hit government databases. According to reports, records of more than five million Bulgarians were stolen by hackers from the country's tax revenue office. In a country with a population of just seven million, the scale of the hack means that basically, every Bulgarian adult has had their personal information compromised. [...]

Password Managers – Convenience is Not Security

By Shimrit Tzur-David|November 13th, 2019|Categories: Articles|Tags: , , |

Project Zero has recently disclosed that a security vulnerability left some of LastPass 16 million users exposed to the risk of credential compromise. In an ironic twist, LastPass, the supposedly secure gatekeeper of passwords, could leak the last password used to any website visited.  The vulnerability has since been patched, but maybe it is time we asked ourselves, why the heck [...]

Bypassing 2FA

By Amit Rahav|November 4th, 2019|Categories: Articles|Tags: , , , |

Two factor authentication is all the rage right now. Consumers and business users alike are encouraged to use 2FA. It is often heralded as the ultimate solution to protect us against the dangers of identity theft and corporate data breaches.   Don’t get me wrong, 2FA is immensely better than a primitive login, but it is still not all that it is made out to be. Here is the deal: passwords are fundamentally unsafe. As long as passwords stay in the mix, defending accounts with additional layers of security (no matter how robust ) is a band-aid solution at best. 

Secret Double Octopus Brings FIDO2 Passwordless Security to the Enterprise

By Secret Double Octopus Staff|October 28th, 2019|Categories: Press Release|

Company joins FIDO Alliance, receives FIDO2 certification for industry-leading enterprise authentication solution TEL AVIV, Israel, Oct. 24, 2019 / Secret Double Octopus, the pioneer of Passwordless Enterprise Authentication, announced today that it has received FIDO2 certification for its Octopus Authentication Server v4.0, including support for Active Directory on-premises. FIDO2 is a set of standards that enables easy and secure logins to websites [...]

True Cost of Password Based Authentication

By Amit Rahav|October 3rd, 2019|Categories: Articles|Tags: , , , |

Just because you don’t have to pay anything extra to buy this common form of authentication, it doesn’t mean that passwords are free.  Far from it, quite often passwords end up costing enterprises much more than what they have bargained for. Although the cost of passwords rarely comes up in management meetings, authenticating identity using passwords is a significant expense for [...]

Secret Double Octopus Appoints Ryder Gaston as EVP Sales America

By Secret Double Octopus Staff|September 24th, 2019|Categories: Press Release|

Tel Aviv, Israel, Sept. 23, 2019 /PRNewswire/ -- Secret Double Octopus, the pioneer of Passwordless Enterprise Authentication, today announced the appointment of Ryder Gaston as Executive Vice President of Sales America. Gaston's appointment coincides with a period of rapid growth and continued customer acquisition at Secret Double Octopus, including some of the world's largest multi-nationals, such as United Technologies Corporation. Earlier this year, the company announced [...]

The Ultimate Solution For Credential Stuffing Attacks

By Inbal Voitiz|September 19th, 2019|Categories: Articles|Tags: , , |

At the recent Usenix Security Conference, researchers at Google and Stanford revealed new statistics and insights that show the poor state of password security, and how credential stuffing remains an ever-present threat to the current account security landscape.  While the researches provide good information on password insecurity, their guidelines fall short of providing a permanent solution to protect individuals and organizations [...]

Your Complete Guide to FIDO, FIDO2 and WebAuthn

By Shimrit Tzur-David|September 11th, 2019|Categories: Articles|Tags: , |

In the past years, advances in technology, a growing number of horrifying data breaches, and increasing awareness on the need to protect online personal and corporate accounts have led to growing efforts in creating multi-factor authentication (MFA) technologies. But while the dream of creating authentication mechanisms that don’t rely on just memorizing and typing passwords dates back to many years, never [...]

On-Premise Plus Cloud = The Hybrid Approach

By Inbal Voitiz|August 26th, 2019|Categories: Articles|Tags: , , , , |

A quick look at the headlines of tech blogs and publications will give the impression that all companies and organizations are transferring their IT infrastructure and digital assets to public cloud services. The transition to the cloud is happening at a gradually accelerating pace. The future of online businesses, small and large, resides in the cloud. It sounds like a fair [...]