Articles about authentication

The first day of May has numerous competitors for its patronage. It's May Day, of course, and it's International Labor Day, and apparently it's Global Love Day. Since 2013 it's also been World Password Day -- created by Intel to highlight concerns around digital security.

As of last year though there's been further competition from the upstart World Passkey Day. So are we finally seeing a serious challenge to the dominance of passwords as an authentication method?

Continue reading →

New research from hardware authentication security key provider Yubico shows nearly half of Gen Z (47 percent) and Millennials (46 percent) have had their social media account passwords hacked.

It's no surprise then that these generations are keen to adopt hardware security keys, reflecting a growing mistrust of traditional passwords and a shift toward more secure, physical authentication methods.

Continue reading →

As technology has become a key part of more areas of our lives, ensuring our information remains secure is essential. The majority of data breaches are due to credentials that have been compromised in some way so we really need to look beyond passwords.

Biometrics is one area that's gaining in popularity so we spoke to Tina D'Agostin, CEO of biometric access control specialist Alcatraz AI, to discuss the rising popularity of AI-powered biometric security solutions, and its benefits.

Continue reading →

A new global study reveals that 58 percent of people use a username and password to login to personal accounts and 54 percent do so to login to work accounts.

The report from Yubico, based on a study of 20,000 people around the world carried out by Talker Research, reveals a worrying lack of awareness of best practices for authentication. 39 percent think username and password are the most secure and 37 percent think mobile SMS based authentication is the most secure, though both are highly susceptible to phishing attacks.

Continue reading →

Several months after announcing its intention to do so, Microsoft has official deprecated the NTLM (NT LAN Manager) authentication protocol in Windows and Windows Server.

NTLM is now a very old protocol which has been superseded by the more secure and feature-rich Kerberos. It will still be possible to use NTLM until the next release of Windows and Windows Server, but Microsoft is keen for users to take action now.

Continue reading →

Passkeys, cryptographic keys that lets users log in to accounts and apps without entering a password, have been around for a while but mostly on computers.

Now though Keeper Security has introduced passkey management support for both both Android and iOS mobile devices.

Continue reading →

Microsoft has quietly announced plans to deprecate TLS server authentication certificates using RSA keys with key lengths shorter than 2048 bits.

The change means that it will not be possible to use 1024-bit keys, although Microsoft is yet to reveal exactly when the changeover will start. This is important information for companies using aging hardware and software as it will mean weaker keys can no longer be used for authentication.

Continue reading →

Whether it's due to high-profile attacks or new defensive technologies, the world of cybersecurity is never far from the news.

Here is what some industry experts think the cybersecurity trends will be in the coming year.

Continue reading →

With the development of new technologies, cyber threats are becoming more sophisticated, and personal data remains one of the most desirable targets. The Verizon Data Breach Investigations Report states that 49 percent of hacks use credentials.  

Traditional authentication methods, such as username and password with standard Multi-Factor Authentication (MFA), are no longer sufficient to protect sensitive information and systems from unauthorized access. According to Microsoft, there are 1287 password attacks every second. Consequently, businesses must adopt more sophisticated and layered methods of user authentication. One of these methods is Advanced Authentication.

Continue reading →

Corporate information security has traditionally used the 'castle' approach, using a strong boundary to keep everything secure.

But as we've moved to hybrid working and more sharing of information the castle is too restrictive and we've moved towards a 'city' model, allowing open routes to trade with assets widely distributed.

Continue reading →

The shift towards cloud and hybrid models of IT along with containerization has placed greater emphasis on the need for secure authentication, whether it’s via passwords, certificates or keys.

Managing these 'secrets' effectively is therefore key to keeping systems secure. We spoke to Oded Hareven, co-founder and CEO at Akeyless Security to find out more.

Continue reading →

We've been hearing predictions surrounding the end of the password for many years, but a new survey of 300 US IT decision makers reveals that 68 percent say passwords aren't dead and 53 percent think they're simply evolving into something new.

The study, conducted by Censuswide for Delinea, is aimed at understanding the future of passwords in the workplace in light of recent traction by other authentication options in consumer technology such as smartphones, personal email accounts, and mobile apps.

Continue reading →

Passkeys are often touted as being the way to achieve a passwordless future. But as yet passkeys are supported by only a small number of websites. Passkeys are a safer, more efficient way of authenticating users, but it will be a long time before they become the norm -- if indeed they ever become the norm.

We talked to Darren Guccione, CEO and co-founder of Keeper Security, to discuss the use cases for passkeys, the barriers to mass adoption and how users can adopt and secure passkeys in conjunction with their passwords.

Continue reading →

The death of the password has been predicted for a long time, yet despite increased adoption of biometrics, passkeys and other newer technologies, passwords still underpin much of our day-to-day security.

We spoke to Darren James, senior product manager at Specops Software, to discuss passwords, whether they still have a future and where authentication is heading.

Continue reading →

User authorization for access to data is complicated. Knowing who has access to what information is often difficult because of complex role hierarchies, different authorization models used for different technologies, and the variety of data that may be accessible across technologies and clouds.

Ben Herzberg, chief scientist at data security platform Satori, believes there's often a blindspot around authorization, but that the issue doesn't have to be as complex as it can seem. We talked to him to learn more.

Continue reading →