Every time a data breach hits the headlines it is accompanied with calls for organisations to find ways to better manage passwords, misguided advice on how to make them stronger, or suggestions for alternatives. The move away from password-based login credentials is for most (whether consumer or corporate) the goal, but there needs to be..
There is a roaring trade in paper password notebooks. A quick look on Amazon and you will find passwords journals, passwords keepers, Internet address and password log book and even and I Love My Password! book, amongst many others. Seemingly, these go against everything we are told by security professionals. Passwords are secrets and as..
Has the new password you are about to set already been Pwned? One way to find out is to download the 5.3GB database of 306 million passwords that are known to have been compromised (Pwned) in data breaches. If you don’t have time to trawl the list and who does? Then Troy Hunt at ‘Have..
With so much talk over the past 12 months regarding the personal liability of Directors of organisations that are found to be non-compliant with GDPR by next May, and cyberattacks such as WannaCry making the national news, it would be hard for any C-level executive to have not put two and two together and place..
The Internet of Things (IoT) has the potential to transform how we all live. However, one of the biggest issues with the adoption of these devices in our offices and homes is the fact this cutting-edge technology is cutting a corner by using primitive security – passwords. The problem is that people are buying these..
Over the weekend it was widely reported that the approx. 90 email accounts in the UK Parliament had been compromised, in a brute force attack that looked to exploit accounts ‘protected’ by weak passwords, an example of which might be Westminster123 or JohnSmithMP! According to reports, these 90 accounts represent less than 1% of the..
Just as complete strangers will not think twice about discussing their embarrassing ailments as soon as they discover someone is a doctor, the same can be said of IT security professionals. Was an email a scam? Should I have clicked on that link? Is online banking safe? What antivirus do you recommend? The list is..
So, you made the wise decision to look at options to replace passwords in your organisation. Good idea! You may have also thought that the Infosec show in London last week would be the obvious place to do some homework, but was it? I have attended the UK’s premier information security expo for many years..
In recent videos we have explained the different elements of multi-factor authentication, from 1.5 Factor Authentication, through to 2FA and 3FA. But, how do you decide the number of factors to use in order to deliver the appropriate level of security? In this new video blog Authlogics gives you the answer. You need to be thinking about risk..
Last week I posted a video explaining Authlogics approach to 1.5FA. This week, I want to talk about 3FA which is an extension of 2FA (something you have and something you know) by the addition of something you are doing that is specific to a task, typically known in the industry as transaction signing.