Blog Posts Tagged with "Authentication"


Authentication - It's All about Risk

October 20, 2010 Added by:Guy Huntington

I have watched the evolution of LDAP directories, SSO, provisioning and content management. What I see coming is an even greater change when internet application programming languages as data clouds come into being. All of this introduces new risk and requires different levels of trust...

Comments  (1)


Single Sign On – Prem vs Cloud

October 12, 2010 Added by:Ben Kepes

While it’s probably fair to say that the majority of enterprises targeted by Passlogix are Windows shops, there are parallel trends occuring – one is the move to online applications that solve a point problem and give some autonomy to individual business units outside of IT...

Comments  (0)


Just In Time for Fall: Introducing Touchdown Tasks

October 07, 2010 Added by:Brent Huston

Each month, we focus on a specific, measurable task you can use to firm up your own security strategy. The tasks focus on authentication credentials to identify and remove all network, system and application access that does not require secure authentication credentials or mechanisms...

Comments  (0)


More on Twelve Character Passwords

October 05, 2010 Added by:Guy Huntington

Obtaining passwords is so easy using social engineering that it negates the use of a password with special characters and X length. When I go onto client sites one of the first things I do is look under keyboards, behind the screens etc, where I usually find the password written down...

Comments  (3)


Phone Jamming and Your Security

July 30, 2010 Added by:Guy Pace

Financial institutions set up a number of security questions to try to positively identify you when you call. Unfortunately, most of the standard questions are very lame, and the answers are easy to find...

Comments  (0)


Default, Blank and Weak Username/Passwords

July 22, 2010 Added by:Application Security, Inc.

Application Security, Inc.’s Team SHATTER has researched the Top 10 Database Vulnerabilities in order to you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Default, Blank & Weak Username/Passwords...

Comments  (0)


Open Betas for IPD Guides Available for Download

July 18, 2010 Added by:Jay Ferron

The Infrastructure Planning and Design guide for Microsoft Forefront Identity Manager (FIM) 2010 provides actionable guidance for designing a FIM 2010 infrastructure...

Comments  (1)


Configuring Security in Glassfish v3

July 17, 2010 Added by:Joe Morrissey

Configuring a security realm in Glassfish v3 to tie in with your pre-existing MySQL database for user credentials is actually easier than you might think...

Comments  (0)


Credit Card Connoisseur

July 08, 2010 Added by:Ron Baklarz

This authentication mechanism could be compromised and moreover, I would very much like to see the security scheme around the kiosk's ability to protect the PII associated with the driver's license as well as the PCI-DSS protections since the machines will accept credit and debit cards...

Comments  (1)


Personal Knowledge or “Qualifying Questions” as Authenticators

May 03, 2010 Added by:Robert Siciliano

How many times have you forgotten a password? Fortunately the website you were on only needed your username or an email address and they would respond with a few questions for you to answer. Once you responded with what was in the system you then re-set your password and you’re in.  Easy peazy.

Comments  (2)


Under illumination variations, exploiting 3D image for ‘Face Authentication’ in Biometrics…

May 02, 2010 Added by:K S Abhiraj

This article shows some of the basic techniques through which, Biometic authentication worked before.. and a basic mean how it could be crooked up, for gaining authentication. Automatic recognition of human faces is extremely useful in a wide area of applications, such as face identification for security and access control, surveillance of public places, mug shot matching and other commerc...

Comments  (0)


Biometrics: Where do we stand?

April 16, 2010 Added by:Aaron Simmons

New Hampshire recently voted down the bill (HB 1409) and sided with the Security Industry to allow Biometrics.  So now that security is becoming a priority, where does it stand in the role of Authentication Verification? There are several methods for verification, (Biometric, PIN, Token and even Telephone Call Back/SMS).  Each one of these has its pro’s ...

Comments  (2)


Enhanced Authentication Now Available on Infosec Island

February 17, 2010 Added by:Infosec Island Admin

Infosec Island™, the new community for IT and information security professionals, today announced that its new enhanced authentication service based on the SyferLock™ GridGuard™ solution, is now live.

Comments  (5)


Road Map for an Application/Software Security Architect (Part 5)

December 30, 2009 Added by:Stephen Primost

Without a Digital Identity, how would you expect to do any authentication? And with an incomplete Digital Identity, how would you expect to get the authorization done correctly? Without the proper data model and the expectation that it would have the correct data (besides being in the right place at the right time), securing a system is impossible, although having the information, it is the easies...

Comments  (0)

Page « < 9 - 10 - 11 - 12 - 13 > »