Viewing posts tagged Authentication Attacks
Another nail for SMS authentication
Posted by: admin 15 years, 7 months ago
Now that European banks are using SMS messaging for authentication, criminals are paying top dollar for used Nokia phones that can be reprogrammed due to a bug to work with any phone number. We've discussed why SMS authentication is a bad idea before. Here's more evidence.
Summary of the Congressional PCI hearings
Posted by: admin 15 years, 8 months ago
Anton Chuvakin has a nice summary of the recent PCI hearings in congress.
Adding two-factor authentication to phpBB
Posted by: admin 15 years, 9 months ago
In light of the recent phpBB password issues, I threw together a quick how to on adding two-factor authentication to phpBB. By quick I mean that I used radius at that apache level. You could also use the WiKID php network client.
PHPBB password analysis
Posted by: admin 15 years, 10 months ago
Dark Reading has an analysis of the passwords exposed in the recent PHPBB attack. It's interesting and I'm sure that people do use passwords that are too simple. However, the fact that you can analyize the passwords proves that it makes no difference what password you choose! So, the simple the better until the site moves up to two-factor authentication.
embedding-wikid-two-factor-authentication-in-your
Posted by: admin 15 years, 10 months ago
One of our customers, Online Banking Solutions offers banks and financial institution software for commercial account management. They have embedded WiKID for two-factor session authentication and mutual https authentication in both the server side and on their optional client. The combined client facilitates the initial validation process, performs session authentication using the one-time passcode and performs mutual https authentication to prevent MITM attacks.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)