Skip to main content

The WiKID Blog

Viewing posts from June, 2013

SMS, Trojans and Two-factor authentication

I've often said that SMS is a weak basis for two-factor authentication.  It is unencrypted and unreliable. It is too easy to take over someone's account.  I was reminded of it today by this puff piece on American Banker - an ad for RSA's anti-trojan services.  Obviously, RSA sells anti-trojan services and two-factor authentication.  We sell two-factor authentication as well, but not SMS-based.  (We use software tokens that use asymmetric (public/private) keys.)

HTML5 Token

For the record, our open-source HTML5 token was released in 2010 and is available on our sourceforge site: http://sourceforge.net/projects/wikid-twofactor/files/HTML5_Token_Client/.

SSH key management a potential risk

We've long said that while we love SSH, SSH key management is a weak point, especially if you need to meet compliance requirements such as PCI.  Now Charles Kolodgy of IDC is saying the same thing:

Reporting via our API

Reporting is a fact of life. And to be honest, good reporting is good for security. In this post, we will take a look at the reports you can generate via the wAuth API to help monitor and manage your two-factor authentication installation.

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom