Mobile phone-based two-factor authentication (2FA) mechanisms are plagued by synchronization vulnerabilities that allow attackers intercept One-Time Passwords and bypass the security of many financial services. [Read More]
A group of security researchers has discovered vulnerabilities in the reCaptcha systems of Google and Facebook, and have created an attack that is highly successful at automatically bypassing the protection system. [Read More]
Passwords remain the bedrock of authentication, increasingly supported by SMS passcodes. But many companies won't introduce that second factor simply because of the increased user friction. [Read More]
No IT organization has a seemingly unlimited budget the way that Team Oracle did in the 2013 America’s Cup race. But look closer at why spending on America’s Cup racing seems so out of control and it starts to look a bit more familiar.
Like those college recruiting compliance departments that are constantly training, monitoring, and enforcing policies, the IT compliance activity of access certifications needs to become more intelligent and real-time.