Authentication

Authentication news, information, and how-to advice

Computer monitor with pixelated locks for security breach
dsc05783

A Surface Pro 3 running Windows 10

Microsoft unveils a bonanza of security capabilities

New features for Windows and Office 365 aim to help businesses with cybersecurity

facebook login screen oct2016

Facebook taps FIDO U2F for stronger login security

Facebook joins Google, Salesforce, GitHub, Dashlane, and Dropbox in supporting FIDO U2F to help prevent attackers from hacking user accounts

microsoft office 365 logo

Office 365 outstrips Salesforce, Box as top enterprise app

Okta's latest survey of its customer app usage data shows Microsoft Office 365 way out in the lead, and Slack gaining fast but facing a possible glass ceiling

security training ts

Got microservices? You'd better secure them

Our modern world of containers and microservices presents new challenges that open new vulnerabilities if left unaddressed

dog_phone_selfie_photo

Better authentication: Go get 'em, FIDO

Security standards always seem to languish in committee, but the FIDO Alliance breaks the mold, rolling out new, usable authentication systems at a rapid clip

https certificate secure

Moment of truth: Web browsers and the SHA-1 switch

SHA-1 encryption is ending. Here's how your browser will react

Digital Key, security, encryption

Google to untrust WoSign and StartCom certificates

Google Chrome will stop trusting digital certificates issued after Oct. 21 by the WoSign and StartCom certificate authorities

Digital Key, security, encryption

Many companies want to phase out passwords

Almost 70 percent of companies are likely to phase out passwords within five years, a survey shows

password security reset questions

A quick fix for stupid password reset questions

This ridiculous feature is a major vulnerability. If you're forced to use it, here's how to make it more secure

words magnets password

Regular password changes make things worse

Changing passwords is supposed to make things more difficult for attackers. Unfortunately, research shows that human nature means it makes it easier

cyber attack stock image

New collision attacks against triple-DES, Blowfish break HTTPS sessions

Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key

snow globe with winter scene

How 3 fintech startups are shaking up security

The financial industry has invested heavily in staff, processes, and technology to improve security, but some startups are taking a more innovative approach

party favors

6 security advances worth celebrating

In a world besieged by criminal hackers, we'll take all the good security news we can get. Here are six advances that can improve your defenses

New features in Windows 10 laptop

Respect: Windows 10 security impresses hackers

Windows is a popular attack target for criminals and researchers alike, but Microsoft has done a good job of making it harder to target security flaws in the OS

Windows 10 tips & tricks Knowledge Pack

The one big reason to switch to Windows 10

Security is a mess. Windows 10 offers promising solutions -- with features based on Hyper-V that will fundamentally change enterprise security

dsc04777

NIST is no longer hot for SMS-based two-factor authentication

SMS-based authentication is easy to implement and accessible to many users, but it is also insecure. Now NIST plans to drop it from its two-factor authentication guidelines

pasword grave

Killing the password: FIDO says long journey will be worth it

Eliminating passwords will take years, acknowledges the FIDO Alliance. But it says it is well on its way to a faster, easier and much more secure online authentication standard

spam email

Top website domains are vulnerable to email spoofing

A security firm found lax use of email authentication systems by more than half of the world's top websites

Load More