Skip to main content

The WiKID Blog

Viewing posts tagged Two Factor Authentication

Scalability notes for the WiKID Strong Authentication server

Large two-factor authentication deployments are becoming more and more common these days as  enterprises deploy it to more and more employees .  We're also seeing more SaaS providers needing to meet regulations such as HIPAA and PCI.   These enterprises have large user bases and need scalable, reliable, affordable two-factor authentication.   We have the affordable part covered (you can see our pricing online) and we are highly incented to provide reliable software thanks to our annual subscription license.  But how scalable is WiKID?

Latest release pushes into Privileged Access Management

The 4.1 release of the WiKID Strong Authentication Server - Enterprise Edition includes the ability to use one-time passcodes for Active Directory accounts. We noted an increasing focus on privileged accounts.  Companies need these accounts to manage windows PCs and infrastructure.  Multiple  system admins need to have the credentials for them too.  So, organizations often have shared spreadsheets with credentials.  You can put them into a "password vault" but then there is still a password to the vault and an attacker that is already on the system can still perform a 'pass-the-hash' attack to escalate their privilege. 

Yet another reason to add two-factor authentication to your admin accounts

Seems like we just made the case for requiring two-factor authentication for Cisco Admins due to the SYNFul attack.  Now here's another one.

SYNFUL attack shows the need for 2FA on routers

Cisco has confirmed that the SYNFUL attacks discovered byFireEye are not the result of a vulnerability but rather:

Why you need a stand-alone two-factor authentication server

We do a fair amount of testing and documentation for commercial and open-source VPNs (Cisco, SonicWall, Sophos, Checkpoint, etc, etc).  Increasingly, we see VPNs embedding some type of two-factor authentication into their product.   The idea is to make it simple to add 2FA to your VPN services, a laudable goal and perhaps sufficient for some small organizations.  So, when should you consider using a stand-alone service instead?

Recent Posts







RSS / Atom