Skip to main content

The WiKID Blog

Viewing posts tagged Two Factor Authentication

Best Practices

There were a number of tweets yesterday about "best practices".  This took me back to Adam Shostack's post at New School on his best practice: Think.  Now I am throwing my hat in the ring with:

Secure internet access from security conferences

Have you ever been on the Wall of Sheep at a security conference?  Do you go without Internet to avoid the same? Well no more (at least for RSA/BsidesSF).

Security Missteps Made in the Name of Compliance

In the Five Security Missteps made in the Name of Compliance, Bill Brenner lists "How to Botch Multi-factor Authentication" first.  The point is that if you open holes for users that have forgotten their hardware tokens, you have circumvented your own security, eliminating the value of two-factor authentication.

The Great PCI Debate from Shmoocon

I really enjoyed the PCI debate at Shmoocon, but probably because it was more circus than it should have been. (Here's another summary from Anton Chuvakin)  The pertinent points I came away with where:

SANS Institute Critical Controls

"The SANS Institute has released their "Twenty Critical Security Controls for Effective Cyber Defense: Consensus Audit Guidelines".  Note that  two-factor authentication is listed under boundary controls:

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom