Skip to main content

The WiKID Blog

Viewing posts tagged Two Factor Authentication

drive-by-pharming-seen-in-the-wild

Symantec has spotted Drive-by pharming attacks in the wild

dns-and-mutual-authentication

Once again, Amit Klein has hacked DNS. Once again, we'll say if you are doing high-value web-based transactions, you should consider using Mutual Authentication for HTTPS.

features-and-functionality-for-consumer-acceptable

Anton Chuvakin posts a response to this post about the PayPal tokens. These posts point out a number of desired features for broad-based consumer roll-out of two-factor authentication, such as the hope for a single token to work everywhere. but fail to mention that token won't stop phishing (one of the commenters does point that out).

comment-status

As with every blog out there, we've been battling comment and trackback spam. I had turned off comments altogether, but now have turned them back on. Comments are still protected by WiKID Strong Authentication, but you can add a comment anonymously. Here's how to do it:

mutual-authentication-and-ssl-based-vpns

Much of the discussion of the need for strong mutual authentication has focused on consumer applications - in particular the failings of non-cryptographic, image-based solutions. However, there is also a risk for corporate VPN access where SSL-based VPNs are deployed. Creating a man-in-the-middle attack that thwarts SSL-based VPNs is trivial with the proliferation of WiFi networks.

Recent Posts

Archive

2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom