ID Management News, Articles and Updates

Inherent security flaws of single-sign-ons; 2FA without passwords urged

Raz Rafaeli suggests perhaps it's time to rethink authentication altogether, and eliminate password-based "something you know," the Achilles' heel of authentication. That leaves "something you have" and "something you are."

You can't even trust your Sysadmins to use complex passwords

The majority of sysadmins - 86 percent - use only the most basic username and password authentication to access and protect their main business account on-site.

Avoiding the trap of data breach fatigue using identity analytics

Todd Peterson warns that if we are told the intruder is already inside, then identity and access management can minimise impact as identity analytics provides insight into potential risk before anything bad can happen.

IBM or Microsoft's vision for ID verification & device authentication?

Whether IBM or Microsoft's vision prevails, identity verification and device authentication are still a factor in security says Mike Lynch.

ID & access: Halt, who goes there?

Evolving ID and access management options have gone from central control of a rigid boundary to multiple ID options, distributed assets, IoT machine ID and variable authentication reports Danny Bradbury*