Two-factor and multifactor authentication strategies
User names and passwords are no longer enough and more enterprises are deploying two-factor or multifactor authentication products. Browse the articles and advice in this section for the latest information on using strong authentication in your organization.
Top Stories
-
News
14 Apr 2021
Engineering firm mitigates ransomware attack with Nasuni
Ransomware got in through an exploit in an older version of SQL Server, but Dennis Group used Nasuni to restore its systems back to a pre-attack state with minimal data loss. Continue Reading
-
Tip
08 Feb 2021
7 privileged access management best practices
Privileged access is a given in enterprise environments, but it presents many security issues if breached. Follow these seven PAM best practices to mitigate risk. Continue Reading
-
News
26 May 2016
Retiring obsolete SHA-1 and RC4 cryptographic algorithms, SSLv3 protocol
Microsoft speeds deprecation of SHA-1, Google dropping support for RC4, SSLv3, as web software publishers approach end of life for obsolete cryptographic algorithms and protocols. Continue Reading
-
Answer
06 May 2016
How can Kerberos protocol vulnerabilities be mitigated?
Microsoft's Kerberos protocol implementation has long-standing issues with its secret keys. Expert Michael Cobb explains how to mitigate the authentication vulnerabilities. Continue Reading
-
Answer
22 Mar 2016
What's the difference between two-step verification and 2FA?
The terms two-step verification and two-factor authentication are used interchangeably, but do they differ from one another? Expert Michael Cobb explains. Continue Reading
-
Answer
18 Jun 2015
Can simple photography beat biometric systems?
Simple photography cracking biometric systems highlights the need for two-factor authentication in enterprises according to expert Randall Gamby. Continue Reading
-
Buyer's Guide
13 May 2015
Multifactor authentication: A buyer's guide to MFA products
In this SearchSecurity buyer's guide, learn how to evaluate and procure the right multifactor authentication product for your organization. Continue Reading
-
News
24 Apr 2015
NIST wants help building the one ID proofing system to rule them all
The U.S. government wants to solve the weaknesses in online ID proofing systems, but it needs the help of enterprise and security professionals in order to overcome privacy concerns and other issues. Continue Reading
-
Definition
02 Apr 2015
active RFID (active radio frequency identification)
Active RFID (radio frequency identification) tags are continuously operating, battery-powered sensors that gather and transmit data to a reading device. Continue Reading
-
Definition
12 Feb 2015
strong authentication
Although it is not a standardized term, with set criteria, strong authentication can be said to be any method of verifying the identity of a user or device that is intrinsically stringent enough to ensure the security of the system it protects by withstanding any attacks it is likely to encounter. Continue Reading
-
Feature
30 Jan 2015
The top multifactor authentication products
Multifactor authentication can be a critical component of an enterprise security strategy. Here's a look at the top MFA products in the industry. Continue Reading
-
Definition
15 Dec 2014
machine authentication
Machine authentication is the authorization of an automated human-to-machine or machine-to-machine (M2M) communication through verification of a digital certificate or digital credentials. Unlike user authentication, the process does not involve any action on the part of a human. Continue Reading
-
Definition
11 Dec 2014
four-factor authentication (4FA)
Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors. Continue Reading
-
Definition
03 Dec 2014
Duo Security
Duo Security is a vendor of cloud-based two-factor authentication products. Continue Reading
-
Tip
04 Nov 2014
Why mobile user authentication is more important than ever
Encrypting data is a good first step, but if you don't properly authenticate users, sensitive information can still fall into the wrong hands. Continue Reading
-
Definition
29 Aug 2014
GPS tracking
GPS tracking is the surveillance of location through use of the Global Positioning System (GPS ) to track the location of an entity or object remotely. The technology can pinpoint longitude, latitude, ground speed, and course direction of the target. Continue Reading
-
Definition
24 Jul 2008
LEAP (Lightweight Extensible Authentication Protocol)
LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control. Continue Reading
-
Answer
20 Mar 2008
What is the purpose of RFID identification?
RFID identification can be used to keep track of everything from credit cards to livestock. But what security risks are involved? Continue Reading
-
Answer
04 Mar 2008
What techniques are being used to hack smart cards?
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers. Continue Reading
-
Answer
04 Jun 2007
Is the use of digital certificates with passwords considered two-factor authentication?
In this SearchSecurity.com Q&A identity management and access control expert Joel Dubin identifies the factors that contribute to two-factor authentication, such as smart cards and digital certificates. Continue Reading