The WiKID Blog, musings on two-factor authentication, information security and some other stuff.
Google's "Two-Step Verification"
Posted by: admin 14 years, 2 months ago
Kudos to Google for putting more security around their authentication for Google Apps. Apparently, two-step authentication will be coming to Gmail as well once they feel comfortable.
Software Tokens: Less expensive, easier to use.
Posted by: admin 14 years, 3 months ago
So it has been quite a while since my post about the Security of Software Tokens. In that post, I pointed out that using public key encryption eliminates the problem of securing the seed. There is no seed. I also pointed out that if you're concerned about malware, fight malware.
Living up to "Two-factor Authentication that doesn't suck"
Posted by: admin 14 years, 3 months ago
At the SecurityTwits Meetup during DefCon, James Arlen aka @myrcurial introduced me to someone as being from "WiKID Systems - two-factor authentication that doesn't suck". This is high praise. The first question was "What doesn't suck about WiKID?". While it was enough for James that we not be $3letterCompetitor, that's not enough for me. I've really been thinking about what it means to not suck.
Secure (?) Internet access for DefCon/BlackHat/BsidesLV
Posted by: admin 14 years, 4 months ago
Every year at DefCon there is a Wall of Sheep where the usernames and passwords for non-encrypted logins are posted and every year there are usernames and password on it.
iOS 4 struggles
Posted by: admin 14 years, 5 months ago
The iOS 4 upgrade for the iPhone breaks the WiKID token. We're looking into and hope to have something fixed shortly.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)