Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

The lessons from Guy Kawaski's twitter attack

The lessons are sadly the same.  Static passwords are weak and DNS is weak.  The answer is two-factor authentication and either mutual https authentication or better DNS.  Since DNS is unlikely to be fixed any time soon...

Cost savings WiKID vs Hardware tokens

Needless to say, we've done a lot of analysis on how much an enterprise can save by switching from hardware tokens to WiKID.  It occurred to me that security folk are suspicious people by nature, they like to see how the sausage is made and check the sources.  So, I have uploaded a copy of the spreadsheet we use to google spreadsheets. Now you can see the formulas, get your own quotes from strong authentication vendors and compare yourself.  

IRC web interface fixed

I noticed that some visitors were trying to get to #wikid using the web interface but that no one was actually joining.  I've switched the web interface to the official freenode tool and it appears that everything is working.  So if you trying to chat about two-factor authentication on #wikid, please try again!

PCI hullabaloo

So there's been a whole lot of hullabaloo on the Internet and in twitterville about PCI because of the Savvis lawsuit.

Google Apps security

Following up on our tutorial on adding two-factor authentication to Google Apps, the Google Security team has posted some thoughts on HTTPS security for Google apps and there is an interesting survey about authentication you should take if you use Google apps.  The survey results are available here.

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom