Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

The convenience of multiple tokens per user

I think this tweet lamenting the state of two-factor authentication and online identity will be increasingly common:

Add two-factor authentication to any app that uses AD

We have primarily been promoting our new native AD two-factor authentication for use by Administrators looking to meet the latest PCI-DSS 3.2 requirements or thwart pass-the-hash attacks, however it is more powerful than that.

Non-Console Administrative Access

Now that PCI-DSS 3.2 is live, we have been pondering how hard it will be to implement the new multi-factor authentication requirements.  First some definitions from the PCI Glossary:

2016 Verizon DBIR points to two-factor authentication and software whitelisting (again)

The Verizon DBIR 2016 is out today and this is our obiligatory blog post.  The usual caveats apply: it's a small (but growing) data set, there are reporting biases, etc, etc.

More information on the upcoming PCI-DSS 3.2

The PCI Council has published another blog post on the upcoming changes for PCI-DSS 3.2 especially how they relate to multi-factor authentication.

Recent Posts

Archive

2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom