WiKIDBlog

The WiKIDest Blog.

WiKID Systems Two-Factor Auth with F5 APM and VMware Horizon with View

2015-03-18T15:33:55-04:00
by Nick Owen posted on Mar 18, 2015 03:39 PM
A great tutorial

Privacy concerns about SMS-based two-factor authentication

2015-03-16T10:10:02-04:00
by Nick Owen posted on Mar 16, 2015 10:15 AM
I'm not sure we have thought this through.

A whole bunch of new Check Point Tutorials

2015-02-27T12:06:04-04:00
by Nick Owen posted on Feb 27, 2015 11:10 AM
How to add two-factor authentication to IPSec. SSL-VPN and administrator access for the Check Point Security Gateway.

A whole bunch of Cisco Two-factor Tutorials

2015-01-29T15:53:37-04:00
by Nick Owen posted on Jan 29, 2015 05:10 PM
More detailed information on adding two-factor authentication to a Cisco SSL or IPSec VPN.

4 Steps to Mitigate 95% of Known Vulnerabilities

2015-01-14T13:24:49-04:00
by Nick Owen posted on Jan 14, 2015 12:25 PM
Sounds good - but I'd like to see more stats.

Seven common misconceptions about two-factor authentication

2015-01-13T11:52:15-04:00
by Nick Owen posted on Jan 13, 2015 11:50 AM
These are some of the questions we get about Enterprise two-factor authentication deployments and some common assumptions that are not necessarily true.

Build your own cloud-based two-factor authentication service

2015-01-09T11:49:22-04:00
by Nick Owen posted on Jan 09, 2015 10:59 AM
Using packer it is incedibly easy to create two-factor authentication servers for EC2, GCE, Digital Ocean as well as VMWware, VirtualBox, etc.

Two-factor auth from the get-go: Eliminating Password1.

2015-01-05T19:13:16-04:00
by Nick Owen posted on Jan 06, 2015 10:14 AM
Using modern configuration tools it should be easy to eliminate common infrastructure weaknesses.

Belts and Suspenders Security

2015-01-05T12:20:58-04:00
by Nick Owen posted on Jan 05, 2015 11:22 AM
Security is hard.

J.P. Morgan caused by lack of two-factor authentication on one server

2014-12-23T13:30:16-04:00
by Nick Owen posted on Dec 23, 2014 12:30 PM
The New York Times is reporting on the cause of the JP Morgan attack. One server lacked the required two-factor authentication.

Tough times for Retailers

2014-12-16T17:16:36-04:00
by Nick Owen posted on Dec 16, 2014 04:16 PM
And they seem likely to continue into 2015.

The death of SaaS? Bringing software back.

2014-11-20T13:40:41-04:00
by Nick Owen posted on Nov 20, 2014 12:58 PM
The software to deploy your own SaaS is getting pretty good - creating options for vendors and customers.

Free two-factor authentication from WiKID

2014-11-19T10:44:18-04:00
by Nick Owen posted on Nov 19, 2014 10:29 AM
Free as in beer or free as in speech, you pick. 4.0 is easier to implement than a hosted service, less expensive and as reliable. You maintain control of the keys to your kingdom.

The weakest link in your supply chain may be passwords

2014-11-07T12:15:58-04:00
by Nick Owen posted on Nov 07, 2014 11:16 AM
Home Depot reveals that a vendor's credentials were used in their attack.

X2Go on Centos

2014-10-28T15:28:25-04:00
by Nick Owen posted on Oct 28, 2014 03:31 PM
We've released a packer script that creates x2go virtual servers on Github and created a public AMI for it.

Poodle post - catastrophic bug of the month

2014-10-15T09:42:54-04:00
by Nick Owen posted on Oct 15, 2014 09:45 AM
Information on how to disable SSL V3 for tomcat and the WiKID server in case you are worried.

Customer Service Reps & Two-factor authentication

2014-10-01T17:22:02-04:00
by Nick Owen posted on Oct 01, 2014 05:22 PM
Brian Krebs tells a story that is most likely too typical.

Update Bash if you are running OpenVPN

2014-09-30T10:03:51-04:00
by Nick Owen posted on Sep 30, 2014 10:04 AM
Using "auth-user-pass-verify" makes you vulnerable to a pre-authentication attack

Obligitory Shellshock post

2014-09-25T11:59:39-04:00
by Nick Owen posted on Sep 25, 2014 12:25 PM
Regarding the latest Internet-killing software flaw.

Moving beyond tutorials

2014-09-17T10:52:23-04:00
by Nick Owen posted on Sep 17, 2014 10:55 AM
Instead of just telling you how to do things, we can now tell software how to do things.

Document Actions

Ever since deploying WiKID, we  have  secured our Production systems from unauthorized access and maintained PCI compliance