The Usual Finger Pointing
Motherboard reported on a Yet Another Gaping Security Whole in using mobile phone numbers for authentication. The headline put it very succinctly: A Hacker Got All My Texts for $16. [...]
PKI for the Masses – Secure, Private Authentication Made Easy
Public Key Infrastructure (PKI) authentication is the most secure and reliable way to prove online identity, but it is rarely used by consumers. There are three main obstacle to using [...]
CIS Updates Password Guide
The Center for Internet Security just updated their Password Policy Guide as a template for organizations to use as their own. The CIS announcement start out with at this seemingly [...]
Where Trust Is Everything
Authentication is frequently confused with Access and Identity Management. These concepts are often used interchangeably because most existing authentication schemes were designed with the hierarchical, paternalistic mindset of traditional senior [...]
2FA: The Illusion of Security
Companies wanting to improve user security have frequently turned to 2nd Factor Authentication. Authentication is commonly viewed as confirming one of 5 factors; 2nd factor authentication simply means relying on [...]
Carrier Authentication for SIM Swap Request
Princeton University Department of Computer Science and Center for Information Technology Policy just released a draft report entitled An Empirical Study of Wireless Carrier Authentication for SIM Swaps which examines the [...]