Skip to main content

The WiKID Blog

Viewing posts tagged Two Factor Authentication

SSH key management a potential risk

We've long said that while we love SSH, SSH key management is a weak point, especially if you need to meet compliance requirements such as PCI.  Now Charles Kolodgy of IDC is saying the same thing:

Reporting via our API

Reporting is a fact of life. And to be honest, good reporting is good for security. In this post, we will take a look at the reports you can generate via the wAuth API to help monitor and manage your two-factor authentication installation.

Google search reveals private Telstra customer data

A man googling for some information on SMS carrier access codes stumbled upon private Telstra customer data. The data could be used to authenticate a user to the phone company, allowing account take-over.  There appears to be a pattern:

Wisdom about two-factor authentication based on facts

There is one quote in the Verizon DBIR that speaks volumes about the value of two-factor authentication to enterprise users:

PCI Compliance

If you are using the WiKID Strong Authentication System to meet the PCI-DSS requirement for two-factor authentication, you should upgrade to the latest version of the server.  We have a couple of fixes that popped in a scan.  See the Changelogs.  In particular, build 3.5.0-b1411 disabled unnecessary HTTP methods and 3.5.0-b1403 removed weak SSL ciphers from the WiKIDAdmin.

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom