security

A Tool to Strengthen Your Password Manager

Password managers, such as Okta Browser Plugin, can defend against phishing attacks. However, to prevent the compromise of passwords, password managers need to be hardened against attacks that confuse them into misidentifying websites. To help achieve this, the Okta Research and Exploitation team (REX) has created a tool, hack_url_re, to…

The Battle Between Build vs. Buy

Every development team must decide which components to build in-house and which to offload to a third-party vendor. This decision is often difficult and hotly debated. After all, most developers chose this career in order to build cool things! Choosing to relinquish that control to buy a solution can seem contrary to their raison d’être. But…

The Evolution of Zero Trust: Next Gen Access

The Zero Trust security framework was first developed by John Kindervag in 2009 while he was at Forrester Research. Zero Trust challenged the traditional security model of a firewall forming a perimeter between a trusted internal network and an untrusted external one. This security approach breaks down if a threat actor is able to penetrate that…

Mitigate Risks with Modern Password Recovery Systems

The ability to reset your password is an essential system requirement. With so many online services available, it’s common to have multiple user accounts for the various apps and services you interact with every day. Security doctrine dictates that you need a different password for each account, and that you update each one regularly. With so many…

Are You Prepared to Secure Your Millennial Workforce?

If you do a little research to try to define millennials by date or age range, you will find many competing definitions. Some measure this generational category from the mid-1970s to 2000, others state 1996 is the end date, and a few consider someone to be a millennial only if they were born after the mid-1980s. However, the one underlying…

How Secure is Social Login?

Social login gives application users the ability to apply existing login information from their social media accounts to register and sign into third-party sites. But before we jump into the topic of whether social login is secure or not, let’s answer the question below. Do users really want social login? (Spoiler alert: Yes!) From a user’s point…

Taking a Risk-Based Approach to Biometrics

Biometric authentication — using the unique biological characteristics of an individual to verify their identity — has been around since the dawn of humankind. Think about it: humans use facial and voice recognition every day to identify each other. Signature recognition came about when the first contracts were originally created, and fingerprints…

What is ADFS?

Active Directory Federation Services (ADFS) is a Single Sign-On (SSO) solution created by Microsoft. As a component of Windows Server operating systems, it provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD). Developed to provide flexibility,…
