authentication

The death of the password has been predicted for a very long time, though other methods are now gaining significant traction.

Perhaps the most successful of these is the use of biometrics. We talked to David Stauffer, director of sales North America at Veridas, about how biometrics is transforming authentication across financial services and telcos, and how voice-based verification enhances security against fraud, user experience and operational efficiency.

The first day of May has numerous competitors for its patronage. It's May Day, of course, and it's International Labor Day, and apparently it's Global Love Day. Since 2013 it's also been World Password Day -- created by Intel to highlight concerns around digital security.

As of last year though there's been further competition from the upstart World Passkey Day. So are we finally seeing a serious challenge to the dominance of passwords as an authentication method?

New research from hardware authentication security key provider Yubico shows nearly half of Gen Z (47 percent) and Millennials (46 percent) have had their social media account passwords hacked.

It's no surprise then that these generations are keen to adopt hardware security keys, reflecting a growing mistrust of traditional passwords and a shift toward more secure, physical authentication methods.

As technology has become a key part of more areas of our lives, ensuring our information remains secure is essential. The majority of data breaches are due to credentials that have been compromised in some way so we really need to look beyond passwords.

Biometrics is one area that's gaining in popularity so we spoke to Tina D'Agostin, CEO of biometric access control specialist Alcatraz AI, to discuss the rising popularity of AI-powered biometric security solutions, and its benefits.

A new global study reveals that 58 percent of people use a username and password to login to personal accounts and 54 percent do so to login to work accounts.

The report from Yubico, based on a study of 20,000 people around the world carried out by Talker Research, reveals a worrying lack of awareness of best practices for authentication. 39 percent think username and password are the most secure and 37 percent think mobile SMS based authentication is the most secure, though both are highly susceptible to phishing attacks.

Several months after announcing its intention to do so, Microsoft has official deprecated the NTLM (NT LAN Manager) authentication protocol in Windows and Windows Server.

NTLM is now a very old protocol which has been superseded by the more secure and feature-rich Kerberos. It will still be possible to use NTLM until the next release of Windows and Windows Server, but Microsoft is keen for users to take action now.

Passkeys, cryptographic keys that lets users log in to accounts and apps without entering a password, have been around for a while but mostly on computers.

Now though Keeper Security has introduced passkey management support for both both Android and iOS mobile devices.

Microsoft has quietly announced plans to deprecate TLS server authentication certificates using RSA keys with key lengths shorter than 2048 bits.

The change means that it will not be possible to use 1024-bit keys, although Microsoft is yet to reveal exactly when the changeover will start. This is important information for companies using aging hardware and software as it will mean weaker keys can no longer be used for authentication.

Whether it's due to high-profile attacks or new defensive technologies, the world of cybersecurity is never far from the news.

Here is what some industry experts think the cybersecurity trends will be in the coming year.

With the development of new technologies, cyber threats are becoming more sophisticated, and personal data remains one of the most desirable targets. The Verizon Data Breach Investigations Report states that 49 percent of hacks use credentials.  

Traditional authentication methods, such as username and password with standard Multi-Factor Authentication (MFA), are no longer sufficient to protect sensitive information and systems from unauthorized access. According to Microsoft, there are 1287 password attacks every second. Consequently, businesses must adopt more sophisticated and layered methods of user authentication. One of these methods is Advanced Authentication.

Corporate information security has traditionally used the 'castle' approach, using a strong boundary to keep everything secure.

But as we've moved to hybrid working and more sharing of information the castle is too restrictive and we've moved towards a 'city' model, allowing open routes to trade with assets widely distributed.

The shift towards cloud and hybrid models of IT along with containerization has placed greater emphasis on the need for secure authentication, whether it’s via passwords, certificates or keys.

Managing these 'secrets' effectively is therefore key to keeping systems secure. We spoke to Oded Hareven, co-founder and CEO at Akeyless Security to find out more.

We've been hearing predictions surrounding the end of the password for many years, but a new survey of 300 US IT decision makers reveals that 68 percent say passwords aren't dead and 53 percent think they're simply evolving into something new.

The study, conducted by Censuswide for Delinea, is aimed at understanding the future of passwords in the workplace in light of recent traction by other authentication options in consumer technology such as smartphones, personal email accounts, and mobile apps.

Passkeys are often touted as being the way to achieve a passwordless future. But as yet passkeys are supported by only a small number of websites. Passkeys are a safer, more efficient way of authenticating users, but it will be a long time before they become the norm -- if indeed they ever become the norm.

We talked to Darren Guccione, CEO and co-founder of Keeper Security, to discuss the use cases for passkeys, the barriers to mass adoption and how users can adopt and secure passkeys in conjunction with their passwords.

The death of the password has been predicted for a long time, yet despite increased adoption of biometrics, passkeys and other newer technologies, passwords still underpin much of our day-to-day security.

We spoke to Darren James, senior product manager at Specops Software, to discuss passwords, whether they still have a future and where authentication is heading.