authentication News

  • Is "Bring Your Own Identity" a security risk or advantage?

    Posted July 28, 2014 - 4:58 pm

    Questions abound over sites authenticating users via identities established through social networks, Yahoo Ponemon Institute survey shows.
  • Ping Identity rolls mobile one-swipe authentication; takes aim at RSA tokens

    Posted July 21, 2014 - 11:37 am

    PingID for Apple iOS or Google Android mobile devices is an app that works to generate one-time passwords on a smartphone.
  • Twitter plans two-step authentication to prevent hacks

    Posted April 25, 2013 - 12:04 pm

    Following Tuesday's hacking of the Associated Press' Twitter account, the microblogging site is reportedly working on a two-step authentication security solution to help prevent future hijackings.
  • Online security: your two-factor authorization checklist

    Posted April 25, 2013 - 11:45 am

    As Twitter gets ready to roll out two-factor authentication, here's a rundown of how other major online services use the security feature.
  • Apple adds two-step authentication option for iCloud, Apple IDs

    Posted March 21, 2013 - 8:51 pm

    Apple on Thursday unveiled two-step authentication for Apple and iCloud IDs. As first reported by 9to5 Mac, you can now add the extra level of security to your accounts by heading to Apple's website.
  • The Weekly Hash - February 22, 2013

    Posted February 22, 2013 - 12:04 pm

    Joking about the week’s top tech stories, this week featuring Burger King, Chinese cyberspies and a new Chromebook that will revolutionize the way we watch porn
  • PGP Corp. co-founder's startup targets cloud authentication

    Posted November 26, 2012 - 3:44 pm

    When Phil Dunkelberger co-founded PGP Corp. in 2002 with Jon Callas, it was to acquire the codebase for the famous encryption technology known as "Pretty Good Privacy" which had been sold to Networks Associates in 1997. That proved a good move for public-key encryption, and now Dunkelberger says his next project -- the formation of a company called Nok Nok Labs -- involves a revolutionary way to support authentication in corporate networks and the cloud.
  • Do authenticaton questions really protect you?

    Posted September 3, 2012 - 9:34 pm

    What is your mother's maiden name? It seems like that question has been used as secondary authentication to verify identity since the dawn of time. Over time, the authentication questions have become much more diverse. Sites now ask for things like what city you went to high school in, or who was your favorite teacher, or what was your first car.
  • The Weekly Hash - August 31, 2012

    Posted August 31, 2012 - 11:54 am

    A review of some of the top tech stories for the past week, with tongue planted firmly somewhere near cheek.
  • Does two-factor authentication need to be fixed?

    Posted June 28, 2012 - 2:15 pm

    Does two-factor authentication need to be fixed? Tough criticisms heard this week from researchers about the effectiveness of two-factor authentication, especially as it's used in its token form for one-time passwords and smartcards, suggest advances need to be made to restore its luster as security protection.
  • Intel announces Cloud SSO beta program

    Posted February 28, 2012 - 8:38 am

    Intel today announced the availability of a cloud-based single sign-on (SSO) authentication and authorization service under a beta program that is expected to become a generally available offering later this spring.
  • iOS, Android to get federal-strength authentication

    Posted November 15, 2011 - 1:01 pm

    Businesses also gain a new Android app management and provisioning tool
  • SuperTweet: Twitter without the OAuth hassle

    Posted October 20, 2011 - 6:34 pm

    Last year, Twitter went over to OAuth; SuperTweet allows you to still use basic authentication.
  • VMware debuts sign-on service for cloud applications

    Posted May 17, 2011 - 9:03 am

    VMware Horizon App Manager will provice a single sign on for all of an organization's cloud applications
  • EMC: RSA SecurID info swiped via sophisticated hack attack

    Posted March 17, 2011 - 8:44 pm

    Company exec warns customers that stolen information could be used to more easily penetrate customers' systems.
  • CA cloud service measures security risk, keeps out riff-raff

    Posted February 16, 2011 - 10:26 am

    CA Technologies today announced its cloud-authentication service now features advanced controls to let customers more effectively control who gets into corporate applicaitions.
  • Banks may soon require new online authentication steps

    Posted January 25, 2011 - 3:10 pm

    The Federal Financial Institutions Examination Council (FFIEC) could soon release new guidelines for banks to use when authenticating users to online banking transactions.
  • Too much access? Privileged Identity Management can help

    Posted November 18, 2010 - 11:01 pm

    Privileged identity management (PIM) products automate control over administrative accounts, which typically put too much power in too many people's hands with too little accountability. They address the security, operational and compliance issues posed by the widely shared administrative accounts and passwords, excessive administrative rights, poor separation of duties, embedded passwords in legacy applications and scripts, and poor or nonexistent privileged-password rotation. They also provide individual accountability and an audit trail to prove that policies and controls are actually being enforced.
  • Symantec to buy VeriSign's authentication business

    Posted May 20, 2010 - 9:33 am

    Symantec will pay US$1.28 billion to acquire VeriSign's security business.
  • Cloud-based identity management gets a boost

    Posted May 19, 2010 - 11:40 am

    Giving network managers a way to provide access, single sign-on and provisioning controls in cloud-computing environments got a boost today from both Novell and a much smaller competitor, start-up Symplified.
  • Two-factor authentication through Windows Server 2008 NPS

    Posted May 10, 2010 - 11:19 am

    Increasingly, whether due to regulatory requirements or a basic recognition that static passwords just don't provide adequate security, organizations are implementing some form of strong authentication. Like all new efforts, before you start you want to be reasonably assured that you will succeed. In this tutorial we will document how to add two-factor authentication to various Microsoft remote access solutions through the Windows Server 2008 Network Policy Server. For two-factor authentication, we will be using the WiKID Strong Authentication Server - Enterprise Edition. WiKID is a dual-sourced, software-based two-factor authentication system. While the document is product specific, the process is typically the same no matter the products.
  • Researchers find way to zap RSA security scheme

    Posted March 6, 2010 - 10:57 pm

    Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers.
  • Security B-Sides: Perfect Authentication Remains Elusive

    Posted March 3, 2010 - 10:30 pm

    For years, leaders of the security industry have warned that passwords have outlived their usefulness. Users pick easy-to-crack passwords like the name of a dog or a favorite movie. They're written on post-it notes and left sticking to the monitor for all to see.
  • RSA and Verisign Partner for Cloud-Based Offering

    Posted October 15, 2009 - 2:19 pm

    RSA and VeriSign are working together to provide organizations with the mutual benefit of an expanded VeriSign Identity Protection (VIP) Service through the availability of RSA SecurID two-factor authentication technology for more choice in one-time password (OTP) authentication. VIP is a managed, shared authentication solution that provides its users with a single one-time password (OTP) authentication device to securely access multiple Web sites.
  • Social Networking a Tool for More Secure ID Management?

    Posted September 18, 2009 - 11:13 pm

    At Digital ID World 2009, a Facebook platform engineer says social networking sites can be used to actually improve identity and access management. Why wasn't he laughed off stage by the skeptical security crowd before him? Read on.
Join us:






Join today!

See more content
Ask a Question