3 Things You Can Do to Prevent Account Takeovers

As you likely know, 2018 was not a good year for data security. In the first half of the year, there was a 133% increase in compromised company records compared to the first half of 2017, and an average of 291 records stolen every second. Unfortunately, just a few months in, 2019 has already seen a number of big name corporation data breaches…

OAuth: When Things Go Wrong

Picture this: you sign up for a new app, and it asks if any of your friends are using it. In order to find out, the app asks for your email address...and your password. While it seems ludicrous now, this was once considered a normal user flow. But many apps still need permissions from third-party programs. And if users can’t do this safely, they…

How FIDO2 + WebAuthn Offer a Seamless, Secure Login

For those not familiar with FIDO2, it is an improved version of the FIDO standard – popularly known for the U2F USB tokens provided by Google and Yubico. Now that we've explored what Webauthn is and reviewed critical Webauthn building blocks and protocols, I’ll use this post to break down how you can leverage WebAuthn with FIDO2 to enhance both…

The Ultimate Guide to FIDO2 and WebAuthn Terminology

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In a previous blog post we went through some examples of how…

What is Credential Stuffing?

Malware often gets top billing in mainstream news reporting of cyber-threats. It makes for snappy headlines and a compelling narrative—–but it’s not the whole story. Increasingly, organisations are finding customers exposed to malware-free account takeover attacks, which could result in serious data theft. There are several ways hackers can…

How to Keep PII Secure while Migrating Users to the Cloud

Organisations are increasingly leveraging the benefits of the cloud to support employee productivity and IT efficiencies, while also delivering more compelling user experiences to their external customers and partners. Yet migrating these various users to new cloud systems can be fraught with challenges, particularly when it comes to securing…

Risk-Based Authentication: Because You Shouldn't have to Choose Between Security and Usability

Balancing security with usability is a challenge that countless organisations face—both for their customers and for their workforces. We know that making both IT teams and end users happy is no easy task, which is why we are excited to announce that Risk-Based Authentication is now Generally Available for all Okta customers. The Ongoing Struggle:…

Archive

Follow Us
Share on Linkedin Share on Youtube