Multi-Factor Authentication

Your end users already carry multiple devices. Why not put them to use? That’s the thought behind multi-factor authentication (MFA), a solution leveraging multiple devices and factors to provide extra security: texting an authentication code to a user’s smartphone, for instance. Here’s what Okta has to say about this innovative authentication method.

The Ultimate Authentication Playbook

With the rise of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors. According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

3 Ways to Stop Account Takeovers Before They Begin

To put it bluntly, 2018 was a bad year for data security. Major consumer-facing corporations like Marriott and Facebook experienced some of the largest data breaches in history, exposing the data of millions of consumers. In total, 2018 saw an overall increase in compromised company records of 133% YoY, with an average of 291 records stolen every…

Investigating Modlishka Credential Attacks: Old Dog, New Tricks

You may have heard about a new phishing tool called Modlishka, and have questions about its potential impact on multi-factor authentication or single sign-on. To be clear, Modlishka is not a vulnerability in MFA or SSO. Rather, it is an automation tool designed to make it easier for attackers to phish your employees. In this post, I will outline…

WebAuthn, the Road to Passwordless, and Other Considerations

Passwords. Most of us have a love-hate relationship with them. Security best practices and common sense tell us to pick unique, hard-to-guess passwords for every account, which makes management of them a pain, or leads to bad password habits like reusing them. Then there’s the inherent security of passwords, or rather, the insecurity of them. As…

A Data Breach Risk Assessment Checklist

When it comes to data security, there’s no such thing as too big to fail. Chances are, if you’ve switched on the news recently you’ve heard of at least one high-profile data breach. Perhaps of even greater concern is that a few large organizations have fallen victim to multiple data breaches in the past few years. This is a surefire sign that…

The Battle Between Build vs. Buy

Every development team must decide which components to build in-house and which to offload to a 3rd party vendor. This decision is often difficult and hotly debated. After all, most developers chose this career in order to build cool things! Choosing to relinquish that control to buy a solution can seem contrary to their raison d’etre. But…

Off the Beaten Path: How Okta Supports MFA on LDAP in the Cloud

Okta provides an LDAP interface in the cloud (great for hybrid IT and hybrid cloud deployments). The interface does not require an agent on-premises and supports Multi-Factor Authentication (MFA) over LDAP—even though the LDAP protocol doesn't natively support MFA. In this blog post, I’ll explain why and how Okta does it. Okta LDAP interface:…

The Evolution of Zero Trust: Next Gen Access

The Zero Trust security framework was first developed by John Kindervag in 2009 while he was at Forrester Research. Zero Trust challenged the traditional security model of a firewall forming a perimeter between a trusted internal network and an untrusted external one. This security approach breaks down if a threat actor is able to penetrate that…
