Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

2016 Verizon DBIR points to two-factor authentication and software whitelisting (again)

The Verizon DBIR 2016 is out today and this is our obiligatory blog post.  The usual caveats apply: it's a small (but growing) data set, there are reporting biases, etc, etc.

More information on the upcoming PCI-DSS 3.2

The PCI Council has published another blog post on the upcoming changes for PCI-DSS 3.2 especially how they relate to multi-factor authentication.

PCI DSS 3.2 will likely require two-factor authentication for administrators

Any day now, we expect the PCI Council to release PCI DSS 3.2.  According to PCI Security Standards Council Chief Technology Officer Troy Leach:

Fingerprints spoofed with conductive ink

I am guessing that the FBI wishes this research had come out just a bit eerlier.  Researchers at Michigan State University have figured out how to use conductive ink to create fingerprint spoofs

More ways not to do two-factor authentication

What is ok to use as a risk factor and what is not?  This will be a question in the near future.  Increasingly, companies are pushing odd (and some down-right creepy) authentication methods.  

Recent Posts

Archive

2016
2015
2014
2013
2012
2011
2010
2009
2008

Tags

Authors

Feeds

RSS / Atom