Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

Torpig data shows that even SSL logins are vulnerable

From the fascinating analysis of the Torpig botnet:

Two-factor authentication for Web-application developers

We've done some re-arranging in the documentation area, creating  a special how-to section for adding two-factor authentication to Web-enabled applications.  Currently, we have:

WiKID Strong Authentication server adds support for SAML Single Sign-On Service for Google Apps

We've added built-in support for Google Apps For Your Domain SAML/SSO to the community edition of the WiKID Strong Authentication server.  It's a pretty slick way of adding two-factor authentication to Google's services.  While I'm a big fan of the cloud, I also like having control and two-factor authentication gives you a lot more confidence about who is accessing your information in the cloud. 

Another nail for SMS authentication

Now that European banks are using SMS messaging for authentication, criminals are paying top dollar for used Nokia phones that can be reprogrammed due to a bug to work with any phone number.  We've discussed why SMS authentication is a bad idea before.  Here's more evidence.

A Customer service story

You can see the long version in the IRC logs

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom