Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

More proof that you can't rely on someone else for your security

Here's the latest example of improperly relying on a third party for your two-factor authentication.

DBIR once again makes the case for two-factor authentication

The 2014 Verizon DBIR once again points to the need for two-factor authentication, just like last year.  Hackers continue to use lost, stolen or weak credentials in attacks - three-quarters of all attacks. Imagine implementing a control that impacted 3/4ths of all attacks?  Would that be beneficial.  You bet.

Can I re-enable users after a certain amount of time?

Yes, you can.  On the WiKIDAdmin interface, go to Configuration > Set Parameters > Create a New Parameter.  Call it "reEnableHours" and set the number of hours you would like.  Disabled users will automatically be re-enabled after that time.  Be careful though, you do not want to automatically re-enable two-factor authentication for a user that has been disabled for a valid reason.

Heartbleed, Two-factor authentication and cascading failure

For the record, we use java for certificates, not openssl, so the WiKIDAdmin server interface (which should not be Internet-facing anyway) is not vulnerable to Heartbleed.

How can I configure WiKID to start automatically.

Yes.

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom