SecurityRatty: tag: authentication

End user security psychology, part II: Can knowledge-based authentication be effective?

2008-04-02 11:11:25 by Bill Nagel in Security & Risk Management

...authentication process drags on -- the more gantlets a user needs to run before being let in a site's front door -- the less secure those users perceive the site is Implementations of knowledge-based authentication (KBA) -- asking "secret", out-of-wallet questions that presumably only the end user knows the answers to -- on the Web have been...

Tags: authentication, authentication measures, authentication process drags, kba, security, single-factor authentication, implement kba, users, users perceive

Keyloggers: Why Banks Need Two-Factor Authentication

2008-01-14 11:55:21 by Tim Bass in The Complex Event Processing Blog

...authentication . To illustratemy keypoints, I showedthe captive audiencevarious pictures of hardware keyloggers, for example the small black keylogger circled in the figure below There are PS2 keyloggers (illustrated above)and USB keyloggers. There are even keyboards with the keyloggers built into normal looking keyboards, so you have no...

Tags: two-factor authentication, keyloggers, inexpensive two-factor authentication, usb keyloggers, hardware keyloggers, 2fa involves, time, black keylogger, keylogger

Increased Interest in Device-Specific Strong Authentication

2007-09-14 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast

...authentication mechanisms on a variety of client devices. Service providers, also, are interested in ensuring that end users are able to employ their mobile phones for two-factor authentication. Such organizations may also play the role of outsourcer and are concerned with the provisioning of credentials and new support models. Some of the...

Tags: mobile devices, credentials, strong authentication credentials, mobile phones, secure remote access, global mobile subscriptions, strong authentication mechanisms, phones, two-factor authentication

Understanding multifactor authentication features in IAM suites

2008-05-20 12:01:24 by Joel Dubin in WhatIs: Enterprise IT tips and expert advice

Enterprises often make the mistake of assuming that IAM suites come with tightly integrated multifactor authentication features, but in reality making sure they work together well can be a challenge. In this tip, IAM luminary Joel Dubin explains why multifactor authentication is worth the effort and how to make it work well with IAM suites

Tags: multifactor authentication, multifactor authentication features, iam suites, effort, worth, enterprises, tightly, tip, reality

Identity federation standards ease authentication pains

2008-07-02 10:38:31 by Perry Carpenter, Contributor in WhatIs: Enterprise IT tips and expert advice

Federation frameworks like SAML, OpenID and Cardspace promise to make authentication easier across applications and the Web. How do these frameworks compare, and what do they offer for financial services organizations looking to ease the authentication process? This tip explains

Tags: financial services organizations, tip explains, ease, authentication process, authentication easier, cardspace promise, federation frameworks, frameworks compare, openid

Top Five Intriguing Ideas for Authentication in 2008

2007-12-10 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast

...authentication) that they need and take a more holistic approach to implementing their strategy

Tags: strategy, information risk management, organizations, broader strategy, increasingly adopt frameworks, authentication, individual applications, security doilies, controls

Yahoos Browser-Based Authentication service

2006-09-29 20:52:58 by Liudvikas Bukys in Liudvikas Bukys

Yahoos release of open access to its BBAuth authentication service (see also here and here ) is a big step forward. Its just the thing for many simple applications. Its not as good as a user-controlled cross-provider identity scheme, but the emergence of a few real high-volume competing web services will help drive us there

Tags: cross-provider identity scheme, bbauth authentication service, real high-volume, step forward, yahoos release, simple applications, web services, emergence, access

Extensible Authentication Protocol (EAP) Security Issues

2008-03-09 00:00:00 by Editor in Infosec Writers Latest Security Papers

This document, written by Samuel Sotillo, presents an overview on some security issues that affect the Extensible Authentication Protocol as defined by the IETF RFC 3748

Tags: extensible authentication protocol, security issues, ietf rfc, samuel sotillo, overview, affect, document

SQL Server security: Enhancements in encryption, authentication and auditing

2008-03-14 14:51:56 by Sue Troy in WhatIs: Enterprise IT tips and expert advice

SQL Server's security capabilities have advanced considerably since SQL Server 2000, with significant changes made to encryption, authentication and auditing. Find out what the key changes are and what the current version can offer your customers

Tags: sql server, encryption, security capabilities, authentication, current version, offer, considerably, key, significant

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo