Identity and access management
Identity is often considered the perimeter in infosec, especially as traditional enterprise perimeters dissolve. Identity and access management is critical to maintain data security. From passwords to multifactor authentication, SSO to biometrics, get the latest advice on IAM here.
Top Stories
-
News
15 Oct 2024
FIDO unveils new specifications to transfer passkeys
The proposed FIDO Alliance specifications would enable users and organizations to securely transfer credentials from one identity provider to another. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Oct 2024
FTC orders Marriott to pay $52M and enhance security practices
The Federal Trade Commission says an investigation revealed that poor security practices led to three data breaches at Marriott and Starwood hotels between 2014 and 2020. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
09 Nov 2023
mandatory access control (MAC)
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system. Continue Reading
By -
News
08 Nov 2023
FBI: Ransomware actors hacking casinos via third parties
A new Private Industry Notification focuses on ransomware trends involving attacks against casinos as well as a callback phishing campaign perpetrated by the Luna Moth gang. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
03 Nov 2023
Okta breach led to hijacked sessions for 5 customers
Okta provided a detailed timeline of the events surrounding the breach against its customer support case management systems and said five customers had sessions hijacked. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
01 Nov 2023
authentication
Authentication is the process of determining whether someone or something is who or what they say they are. Continue Reading
By- Nick Barney, Technology Writer
- Mary E. Shacklett, Transworld Data
- Linda Rosencrance
-
Opinion
31 Oct 2023
Collaborate with third parties to ensure enterprise security
Third-party risk is a major threat today, as evidenced in numerous recent breaches. Organizations must work with partners to ensure their data is protected properly. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Podcast
26 Oct 2023
Risk & Repeat: Okta under fire after support system breach
This podcast episode covers a security breach suffered by identity vendor Okta involving its customer support systems, which has sparked criticism from customers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
26 Oct 2023
How to create a company password policy, with template
Use these guidelines and our free template to ensure your company's password policy sets the ground rules for strong and effective password creation and use. Continue Reading
By -
News
24 Oct 2023
1Password stops attack linked to Okta breach
1Password said a threat actor used a HAR file stolen in the recent Okta breach to access the password manager's Okta tenant, but the activity was detected and blocked. Continue Reading
By- Arielle Waldman, News Writer
-
News
23 Oct 2023
Okta customer support system breached via stolen credentials
During the latest breach against the identity and access management vendor, attackers took advantage of the system intended to provide support for Okta customers. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
20 Oct 2023
soft token
A soft token is a software-based security token that generates a single-use login personal identification number (PIN). Continue Reading
By -
Opinion
18 Oct 2023
SailPoint extends identity security platform with data security
With DAS, privilege access management, AI and other features, SailPoint moves Atlas from an identity governance platform to an identity security platform. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
18 Oct 2023
Mandiant: Citrix zero-day actively exploited since August
Exploitation against CVE-2023-4966 is ongoing, and Mandiant CTO Charles Carmakal warned patching alone is insufficient against potential attacks that leverage MFA bypass techniques. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
18 Oct 2023
Google Authenticator
Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure resources. Continue Reading
-
Definition
17 Oct 2023
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser. Continue Reading
By -
Definition
16 Oct 2023
central bank digital currency (CBDC)
A central bank digital currency (CBDC) is a digital version of a country's central bank money or fiat currency. Continue Reading
By- Ben Lutkevich, Site Editor
-
News
16 Oct 2023
Google Authenticator synchronization raises MFA concerns
Infosec experts say a synchronization feature added to Google's Authenticator app could lead to unintended consequences for organizations' multifactor authentication codes. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
16 Oct 2023
Best practices to conduct a user access review
User entitlement reviews ensure only authorized users have access to essential systems and data. Uncover the steps of a user access review and helpful best practices. Continue Reading
By- Sharon Shea, Executive Editor
-
Definition
12 Oct 2023
Microsoft Windows Credential Guard
Microsoft Credential Guard is a security feature in Microsoft Windows operating system (OS) that isolates user credentials, such as login information, from the rest of the operating system. Continue Reading
By -
Definition
11 Oct 2023
authentication, authorization and accounting (AAA)
Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Tip
11 Oct 2023
Top 6 password hygiene tips and best practices
Passwords enable users to access important accounts and data, making them attractive targets to attackers, too. Follow these password hygiene tips to keep your organization safe. Continue Reading
By- Diana Kelley, SecurityCurve
-
Opinion
11 Oct 2023
Takeaways from Oktane23: Okta AI, universal logout and more
New game-changing security features from Okta speed threat detection and response times, enabling IT pros to log all users out of applications during a cyber attack. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
10 Oct 2023
How to remove digital signatures from a PDF
Digital signatures let organizations execute and secure agreements, but users can remove them if they need to reformat documents or protect signers' privacy. Continue Reading
By -
Definition
10 Oct 2023
password entropy
Password entropy is a measurement of a password's strength based on how difficult it would be to crack the password through guessing or a brute-force attack. Continue Reading
-
Definition
06 Oct 2023
risk-based authentication (RBA)
Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise. Continue Reading
By -
News
04 Oct 2023
Okta debuts passkey support to combat account compromises
The identity and access management vendor introduced products and features that addressed new social engineering techniques that require additional security measures beyond MFA. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
02 Oct 2023
multifactor authentication
Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction. Continue Reading
By- Kinza Yasar, Technical Writer
- Mary E. Shacklett, Transworld Data
-
Definition
26 Sep 2023
Protected Extensible Authentication Protocol (PEAP)
Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks. Continue Reading
-
Definition
26 Sep 2023
principle of least privilege (POLP)
The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
News
25 Sep 2023
Dallas doles out $8.5M to remediate May ransomware attack
The city of Dallas provided a detailed attack timeline that showed Royal threat actors compromised a service account a month before ransomware was deployed. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
25 Sep 2023
How to add digital signatures to a PDF
Organizations use digital signatures to secure agreements. Common document applications, such as Adobe Acrobat and macOS Preview, let users quickly add digital signatures to PDFs. Continue Reading
By -
Opinion
21 Sep 2023
Strong identity security could've saved MGM, Caesars, Retool
Three cyber attacks that featured vishing led to compromised identities, data loss and the interruption of operations. Passwordless authentication could have prevented all three. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
14 Sep 2023
Developer platform Retool breached in vishing attack
A successful vishing attack against a Retool employee led to account takeovers of 27 cloud customers, but the company is pointing the finger at Google. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
12 Sep 2023
Time for an identity security revolution
Identity needs to be the foundational component of the cybersecurity stack, because attackers are primarily after an organization's data. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
11 Sep 2023
Cisco VPN flaw faces attempted Akira ransomware attacks
Cisco said it became aware of 'attempted exploitation' last month and referenced an Aug. 24 security advisory saying its VPNs were under attack by the Akira ransomware gang. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 Sep 2023
Okta: 4 customers compromised in social engineering attacks
Okta said a threat actor convinced IT personnel at several customers to reset MFA factors for highly privileged users, though it's unclear how they accomplished that task. Continue Reading
By- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
-
Opinion
06 Sep 2023
Identity needs a seat at the cybersecurity table
The shift to the cloud and remote work, combined with the rise of phishing and other identity-related attacks, puts identity security at the forefront of cybersecurity concerns. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
30 Aug 2023
CrowdStrike CTO: 'Rookie mistakes' are hurting cloud security
CrowdStrike's Elia Zaitsev discusses the rise in credential-based attacks, as well as the common errors organizations make in the cloud that often lead to breaches. Continue Reading
By- Rob Wright, Senior News Director
-
Definition
30 Aug 2023
biometric authentication
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
-
News
29 Aug 2023
Cisco VPNs under attack via Akira, LockBit ransomware
Cisco and Rapid7 say ransomware actors LockBit and Akira have apparently been targeting Cisco VPNs not configured for multifactor authentication. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
24 Aug 2023
How do digital signatures work?
Digital signatures add a level of security to online agreements, which can prevent bad actors from impersonating other individuals or tampering with sensitive contracts. Continue Reading
By -
Definition
23 Aug 2023
BYOI (bring your own identity)
BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party. BYOI is increasingly being used for website authentication. Continue Reading
By- Robert Sheldon
- Sharon Shea, Executive Editor
-
Definition
14 Aug 2023
Directory Services Restore Mode (DSRM)
Directory Services Restore Mode (DSRM) is a Safe Mode boot option for Windows Server domain controllers. Continue Reading
By -
Definition
11 Aug 2023
message authentication code (MAC)
A message authentication code (MAC) is a cryptographic checksum applied to a message in network communication to guarantee its integrity and authenticity. Continue Reading
-
News
09 Aug 2023
Wiz warns of exposed multi-tenant apps in Azure AD
During a Black Hat USA 2023 session, a Wiz researcher explained how a common misconfiguration in Azure Active Directory led to the exposure of nearly 1,300 applications. Continue Reading
By- Rob Wright, Senior News Director
-
News
08 Aug 2023
CrowdStrike observes massive spike in identity-based attacks
Identity-based attacks like Kerberoasting saw massive increases over the last 12 months as adversary breakout time fell, according to CrowdStrike's 2023 Threat Hunting Report. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
07 Aug 2023
orphan account
An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner. Continue Reading
-
Definition
31 Jul 2023
Common Access Card (CAC)
A Common Access Card (CAC) is a smart card issued by the Unites States Department of Defense for accessing DOD systems and facilities. Continue Reading
By -
Definition
28 Jul 2023
national identity card
A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity. Continue Reading
-
Tip
28 Jul 2023
Improve IAM with identity threat detection and response
Attackers increasingly target user accounts to gain access. Identity threat detection and response offers organizations a way to improve security for identity-based systems. Continue Reading
By -
News
25 Jul 2023
DocuSign launches AI-backed live video ID verification tool
The e-signature vendor's new AI-supported identity confirmation tool uses biometrics and live video to verify signers' identity and physical presence at the time of signing. Continue Reading
By- Mary Reines, News Writer
-
Tip
19 Jul 2023
How to fit customer experience security into your strategy
Most organizations overlook security in their CX strategies. However, with collaboration, personalization, CIAM controls and more, organizations can offer a secure and positive CX. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
Feature
13 Jul 2023
8 best practices for a zero-trust storage strategy
Explore how to apply the zero-trust security model to storage systems. Given today's threat landscape, additional data protection is key for enterprises. Continue Reading
-
News
12 Jul 2023
Threat actors forged Windows driver signatures via loophole
Threat actors bypassed Microsoft's driver signing policy using a technical loophole and signature timestamp forging tools commonly used in the video game cheat community. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
07 Jul 2023
mobile authentication
Mobile authentication is the verification of a user's identity via a mobile device using one or more authentication methods for secure access. Continue Reading
-
News
06 Jul 2023
JumpCloud invalidates API keys in response to ongoing incident
The cloud provider did not give any details about the incident that prompted a mandatory API key rotation, which might have caused service disruptions for customers. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
06 Jul 2023
single-factor authentication (SFA)
Single-factor authentication (SFA) is a process for securing access to a given system, such as a network or website, that identifies the party requesting access through only one category of credentials. Continue Reading
-
Definition
05 Jul 2023
knowledge-based authentication
Knowledge-based authentication (KBA) is an authentication method in which users are asked to answer at least one secret question. Continue Reading
-
Definition
30 Jun 2023
security token
A security token is a physical or wireless device that provides two-factor authentication (2FA) for users to prove their identity in a login process. Continue Reading
By -
News
27 Jun 2023
ChatGPT users at risk for credential theft
As ChatGPT's user base continues to grow, Group-IB says threat actors have exploited stolen accounts to collect users' sensitive data and professional credentials. Continue Reading
By- Alexis Zacharakos, Student Co-op
-
News
14 Jun 2023
HashiCorp Vault trims SaaS; Boundary hooks up Enterprise
HashiCorp Vault's appeal to a broader field of users gets a boost from a new entry-level cloud service, while a new Boundary Enterprise targets the high end of the market. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
13 Jun 2023
AWS launches EC2 Instance Connect Endpoint, Verified Permissions
At re:Inforce 2023, AWS launched a new service that allows customers to connect to their EC2 instances through SSH and RDP connections, removing the need for a public IP address. Continue Reading
By- Rob Wright, Senior News Director
-
Definition
09 Jun 2023
logon (or login)
In computing, a logon is a procedure that enables an entity to access a secure system such as an operating system, application, service, website or other resource. Continue Reading
-
Tip
08 Jun 2023
How to secure blockchain: 10 best practices
Blockchain has huge potential in the enterprise, but remember all emerging technologies come with their own risks. Consider these 10 best practices for securing blockchain. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
Tip
07 Jun 2023
6 blockchain use cases for cybersecurity
Is blockchain secure by design, or should blockchains be designed for security? Learn more through these six security and privacy use cases for blockchain. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
Definition
16 May 2023
decentralized identity
Decentralized identity is an approach to identify and authenticate users and entities without a centralized authority. Continue Reading
-
News
16 May 2023
Coalition: Employee actions are driving cyber insurance claims
After analyzing cyber insurance claims data, Coalition determined that phishing escalated in 2022, ransomware dropped and timely patching remained a consistent problem. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
12 May 2023
Active Directory domain (AD domain)
An Active Directory domain (AD domain) is a collection of objects within a Microsoft Active Directory network. Continue Reading
By- Stephen J. Bigelow, Senior Technology Editor
- Ben Rubenstein, Senior Manager, Social Media and Online Community
-
Definition
11 May 2023
Active Directory functional levels
Active Directory functional levels are controls that specify which advanced Active Directory domain features can be used in an enterprise domain. Continue Reading
By- Stephen J. Bigelow, Senior Technology Editor
-
News
10 May 2023
Dragos discloses blocked ransomware attack, extortion attempt
Dragos Inc. published a blog post that outlined a likely ransomware attack it stopped this week, though a threat actor obtained 'general use data' for new hires. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
10 May 2023
2023 RSA Conference insights: Generative AI and more
Generative AI was the talk of RSA Conference 2023, along with zero trust, identity security and more. Enterprise Strategy Group analyst Jack Poller offers his takeaways. Continue Reading
By -
Definition
09 May 2023
claims-based identity
Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions. Continue Reading
-
Feature
05 May 2023
How to implement principle of least privilege in Azure AD
Restricting users' permissions in Microsoft Azure AD to only what they need to complete their job helps secure and reduce the cloud attack surface. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
News
03 May 2023
Google rolls out passkeys in service of passwordless future
Google referred to its new passkey option, which features facial recognition, fingerprint and PIN-based authentication, as 'the beginning of the end of the password.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
02 May 2023
password manager
A password manager is a technology tool that helps internet users create, save, manage and use passwords across different online services. Continue Reading
-
Definition
02 May 2023
Hash-based Message Authentication Code (HMAC)
Hash-based Message Authentication Code (HMAC) is a message encryption method that uses a cryptographic key in conjunction with a hash function. Continue Reading
By -
News
01 May 2023
1Password execs outline shift to passwordless authentication
1Password CEO Jeff Shiner and Anna Pobletts, head of passwordless, discuss the power of passkeys, the adoption challenges ahead, and the threat of generative AI attacks. Continue Reading
By- Arielle Waldman, News Writer
-
News
26 Apr 2023
CrowdStrike details new MFA bypass, credential theft attack
At RSA Conference 2023, CrowdStrike demonstrated an effective technique that a cybercrime group used in the wild to steal credentials and bypass MFA in Microsoft 365. Continue Reading
By- Rob Wright, Senior News Director
-
News
25 Apr 2023
Rising AI tide sweeps over RSA Conference, cybersecurity
AI is everywhere at RSA Conference 2023, though experts have differing views about why the technology has become omnipresent and how it will best serve cybersecurity. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
20 Apr 2023
Microsoft Exchange Online Protection (EOP)
Microsoft Exchange Online Protection (EOP) is a cloud-based service that provides email filtering designed to protect organizations against spam, malware, and other email-based threats. Continue Reading
-
Definition
17 Apr 2023
Microsoft Azure Key Vault
Microsoft Azure Key Vault is a cloud-based security service offered by Microsoft as part of its Azure platform. Continue Reading
By- Katie Terrell Hanna
- Tayla Holman, Site Editor
-
Definition
14 Apr 2023
two-step verification
Two-step verification is a process that involves two authentication steps performed one after the other to verify that someone or something requesting access is who or what they say they are. Continue Reading
By -
Definition
13 Apr 2023
private CA (private PKI)
A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA. Continue Reading
By- Jason Soroko, Sectigo
-
Tutorial
12 Apr 2023
How to create fine-grained password policy in AD
Fine-grained password policies are a simple and effective way of ensuring password settings meet business requirements. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Tutorial
12 Apr 2023
How to enable Active Directory fine-grained password policies
Specifying multiple password policies customized to specific account types adds another layer to an organization's security posture. Using PSOs instead of Group Policy can help. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Answer
12 Apr 2023
How to use a public key and private key in digital signatures
Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures to manage electronic documents. Continue Reading
By- Joel Dubin
- Katie Donegan, Social Media Manager
-
Answer
11 Apr 2023
What are the Microsoft 365 password requirements?
When IT administrators manage passwords for Microsoft 365 accounts in Azure AD, they can deploy and remove critical policies that can improve overall security posture. Continue Reading
By -
News
11 Apr 2023
FTX bankruptcy filing highlights security failures
Debtors claim that defunct cryptocurrency exchange FTX lacked any dedicated security personnel and failed to implement critical access controls for billions of dollars in assets. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
11 Apr 2023
Centralized vs. decentralized identity management explained
With decentralized identity, organizations can worry less about data security and privacy, while users get more control over their information. But it's not without challenges. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
- Kyle Johnson, Technology Editor
-
Feature
11 Apr 2023
How to use Azure AD Connect synchronization for hybrid IAM
Organizations face many challenges authenticating and authorizing users in hybrid infrastructures. One way to handle hybrid IAM is with Microsoft Azure AD Connect for synchronization. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Opinion
06 Apr 2023
Top RSA Conference 2023 trends and topics
Enterprise Strategy Group's Jack Poller outlines his picks for getting the most out of the 2023 RSA Conference, from keynotes to startups, AI, innovation and more. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
06 Apr 2023
Comparing enabled and enforced MFA in Microsoft 365
When managing Microsoft 365 authentication, IT admins may encounter the distinction between enabled and enforced MFA. Find out what those terms mean. Continue Reading
By -
News
06 Apr 2023
119 arrested in Genesis Market takedown
The FBI and Dutch National Police led the takedown of Genesis Market alongside more than a dozen partners, including the U.K., Italy, Spain and Romania. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
05 Apr 2023
deprovisioning
Deprovisioning is the part of the employee lifecycle in which access rights to software and network services are taken away. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Definition
30 Mar 2023
CSR (Certificate Signing Request)
A Certificate Signing Request (CSR) is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA). Continue Reading
By- Sharon Shea, Executive Editor
-
Definition
30 Mar 2023
authentication factor
An authentication factor is a category of credential that is intended to verify, sometimes in combination with other factors, that an entity involved in some kind of communication or requesting access to some system is who, or what, they are declared to be. Continue Reading
By -
News
27 Mar 2023
Zoom launches Okta Authentication for E2EE to verify identity
Authenticated Zoom attendees will get a blue shield icon next to their participant name to give enterprises additional security during sensitive meetings. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
24 Mar 2023
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Definition
20 Mar 2023
FIDO (Fast Identity Online)
FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication. Continue Reading
By -
Definition
15 Mar 2023
YubiKey
YubiKey is a security token that enables users to add a second authentication factor to online services from tier 1 vendor partners, including Google, Amazon, Microsoft and Salesforce. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
News
09 Mar 2023
GitHub 2FA plan adds SMS, account lockout safeguards
GitHub has added SMS support and fresh account lockout prevention features to its phased rollout plans as it prepares to implement a 2FA requirement for accounts beginning Monday. Continue Reading
By- Beth Pariseau, Senior News Writer