The WiKID Blog, musings on two-factor authentication, information security and some other stuff.
Log4j CVE-2021-44228
Posted by: root 8 months, 1 week ago
We are fairly confident that we are not vulnerable to the Log4J bug, but we will be releasing an update soon with an updated version of Log4J. Stay tuned.
Questions about 2FA for AD admins
Posted by: root 1 year, 2 months ago
We've recently had more questions about deploying WiKID for two-factor authentication for AD admins to thwart potential privilege escalation in ransomware attacks. We've done a proof-of-concept showing that WiKID can make privilege escalation quite difficult. We realized that we missed a key question about deploying two-factor authentication for admins: how do I know I won't lock out all my admins? That's a damn good question. And here's the answer:
WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
Posted by: root 2 years, 8 months ago
If you woke up Monday morning to a number of upset and confused Anroid token users, we apologize. We did too. Over the weekend Google released an update the Chrome that included a bug that deleted other app's localstorage. Unfortunately, the data is gone. The users will need to be re-registered. The new version was rolled out to 50% of Android users. Google is still working on a fix. They are not sure if the user data can be restored. We will update as we learn more.
Scalability improvements in version 5.0 of the WiKID Strong Authentication server
Posted by: root 2 years, 8 months ago
Our recent 5.0 release focused on speed and scalabilty, as well as adding a RESTful version of our API and other enhancements. The speed improvements are truly impressive.
5.0 Released!
Posted by: root 2 years, 9 months ago
We've officially released version 5.0 of the WiKID Strong Authentication Server. There are numerous improvements in this release, most under the hood. Speed is dramatically increased. We have setup a separate logging system so that logs no longer go into the postgres database. We have also fine-tuned the WiKIDAdmin web UI to increase speed and reduce overhead.
Recent Posts
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
- Scalability improvements in version 5.0 of the WiKID Strong Authentication server
- 5.0 Released!
Archive
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)