The WiKID Blog, musings on two-factor authentication, information security and some other stuff.
pci-expanding-to-europe
Posted by: admin 16 years, 3 months ago
According to Security Fix Visa is going to enforce PCI DSS in Europe:
Visa Inc. on Monday dramatically expanded its credit and debit card security requirements to retailers in Europe, an unexpected move that could be a financial boon to security auditing companies, but a huge cost for European merchants already feeling the pinch from the global financial crisis.I'm fascinated that this is a surprise. My reaction was, "hmm I would have thought the PCI already applied in Europe".
how-about-stop-using-social-security-numbers-as
Posted by: admin 16 years, 3 months ago
Today I read on Martin McKay's blog that you should change your default passwords and Adam Shostack has pointed out that colleges should usen't use SSNs to track students.google-looks-to-protect-its-business-with
Posted by: admin 16 years, 3 months ago
I think Google's purchase of GreenBorder is very intersting. It shows that they see the threat that malware has to the online commerce and that they intend to do something about it. What's not clear is whether this acquisition was done with the goal of protecting payment processing (Google CheckOut) or whether it is meant to shore up security around their office application suite and their new offline access system Google Gears. Perhaps, Google is smart enough to know that both need additional security and is organized in such a way to make it happen.
Updates-on-the-blog-the-extranet-WiKID-etc
Posted by: admin 16 years, 3 months ago
I have ended the experiment of using anonymous two-factor authentication as a turing test. I don't know for sure if it kept people from posting, but I did get at least one whiny email from a potential commenter saying he didn't have time to sign up for WiKID just to post to my lame blog. I won't say who it was, but I guess your new paymaster must keep you pretty busy, though you seem to have enough time for your own side projects. I have implemented a standard captcha instead.
interesting-analysis-of-passmarks-technology
Posted by: admin 16 years, 3 months ago
Adam has pointed out a friend's new blog who has a set of interesting new blog posts, most about security and some about authentication and one in particular about Passmark's Sitekey - now deployed by Bank of America - and the issues he has with it. They fall into two categories: user interaction predictions and securityRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)