The WiKID Blog, musings on two-factor authentication, information security and some other stuff.
PCI Compliance
Posted by: admin 9 years ago
If you are using the WiKID Strong Authentication System to meet the PCI-DSS requirement for two-factor authentication, you should upgrade to the latest version of the server. We have a couple of fixes that popped in a scan. See the Changelogs. In particular, build 3.5.0-b1411 disabled unnecessary HTTP methods and 3.5.0-b1403 removed weak SSL ciphers from the WiKIDAdmin.
Using the WiKID API in your two-factor authentication roll-out
Posted by: admin 9 years ago
Time to get down to business with the wAuth API. The API exposes all the key functionality of the WiKID server allowing you to automate many typical two-factor authentication tasks and push functionality to the appropriate parties, such as the corporate helpdesk or HR. In this series of blog posts, I'll show you how to create the communication channel, register users and authenticate an one-time passcode. For our example, we will be setting up a CSR application in Java on a box with the IP address of 192.168.1.10. The WiKID server has an internal IP of 192.168.1.20 and an external IP of 174.129.6.100. So, the zero-padded domain identifier for the WiKID server is 174129006100. For demonstration purposes, our CSR application will be a tomcat JSP on linux in a directory called /opt/tomcat/webapps/CSR. I assume that this application will be protected by existing credentials appropriate for this level of securing and granting access.
WiKID's two-factor authentication API
Posted by: admin 9 years ago
We're kicking off a series of posts discussing our API and how to use it to make your two-factor authentication roll-out hassle-free. Most of our customers use the API if only via some of the scripts we provide. For example, we provide a sample script that allows users to register their own software tokens after validating via their Active Directory credentials. But the API is capable of much more than that. It was developed over time based on feedback from a number of our Enterprise and SaaS customers. In particular, our SaaS customers needed secure multi-tenant user management tools that allowed them to push user control to their customer and that minimized costs.
Two-factor authentication for twitter
Posted by: admin 9 years ago
New Drupal two-factor module released - CMS authentication issues
Posted by: admin 9 years, 2 months ago
WiKID is pleased to annouce the release of a two-factor authentication module for Drupal.
Recent Posts
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
- Scalability improvements in version 5.0 of the WiKID Strong Authentication server
- 5.0 Released!
Archive
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)