Skip to main content

The WiKID Blog

Viewing posts tagged Two-factor authentication

Evading Microsoft ATA > Another reason to use 2FA for Windows Admins

Nikhil "SamratAshok" Mittal has a great series of posts on how to avoid detection by Microsoft's Advanced Threat Analytics (ATA).

PCI DSS disses multi-step authentication

The PCI Council has published an "Information Supplement" on multi-factor authentication (pdf).  The document that multi-step and mutl-factor authentication are not the same and that the former is not acceptable. 

Users: before you use two-factor authentication, make sure the admins do!

Dropbox is the latest internet-based service to suffer a mega-breach.  

NIST deprecates SMS as an out-of-band authentication method

When we started WiKID, we looked at using SMS to deliver one-time passcodes.  We chose not to for the simple reason that there was no way we could control the encryption and thus demonstrate the security of our solution to customers.  There wasn't any data about the possible risks or probabilities of failures (except for reliability/delivery percentages)   We looked to basic security design principles and best practices when we developed WiKID.  Could we control the encryption?  Could we generate the keys on the devices instead of using shared-secrets?  

How to add WiKID two-factor authentication to an Aruba Networks Via VPN solution

Check out this great video on how to add WiKID two-factor authentication to an HPE/Aruba Networks Via VPN:  https://www.youtube.com/watch?v=hcHXwND301U&feature=youtu.be

Recent Posts

Archive

2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom