I’ve taken a lot of questions lately on the topic of KBA. KBA (Knowledge Based Authentication) is a general term that covers several types of scenarios where users are asked a set of questions to verify their identity for situations where there isn’t another credential available to authenticate the user. There are various cases where this [...]
Archive for the 'Security' Category
TriCipher, Persistent Systems unveil secure single sign-on to Oracle Siebel CRM – Middleware : News
TriCipher Demonstrates ‘Instant-on’ Password Attack Protection @ Burton Group Catalyst
Info on CAPTCHAs
Feb 2009 article regarding automated attacks on CAPTCHAs: CAPTCHA Conundrum: Automated Attacks Trump Human-Entry Defenses: http://www.bmighty.com/blog/main/archives/2009/02/captcha_cnondru.html?queryText=anti-spam

From April 2008: “Gone in 60 seconds: Spambot cracks Live Hotmail CAPTCHA needing only six seconds per attempt, and with a success rate of 10-15 percent, new anti-CAPTCHA bots are dismantling fraud protection systems at Gmail and Windows Live [...]
SSO for SaaS Coverage: TriCipher, Symplified & Ping
http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=218200003 Interesting comparison and contrasting of offerings, though oddly enough, Ping seems to be fairly well behind the other two on the surface of it.
Another case of OTPs showing their vulnerability
If you are still in the misguided camp of those thinking that OTPs (One-Time Passwords) are the end-all be-all of online security, then you may find this information interesting. Of course, this particular instance is not the first case of OTPs being successfully attacked; Citibank and Nordea Bank both had reasonably well covered attacks [...]
News Items – April 30
Facebook First Big Site To Really Embrace OpenID: Finally an announcement in the OpenID world about an RP! Everyone wants to rule the world as IPs, but no one (that matters) wants to reciprocate. Guess I can’t say that anymore as FB certainly matters (for now).

How to Spot a Fake Census Worker: Remember, if [...]
Interesting items of the day – Weds, April 22
I’m at the RSA show this week. If you’re in the neighborhood, look me up. Not sure if I’ll ever be able to get back to regular blogging, much as I’d like to. The good news / bad news is that work is keeping me busy and completely occupied. Good news in this economy, bad news [...]
Contenders for my most recent post?
I want to take the time and do an analysis of the various players that seem to be inching toward the kind of solution I’m looking for and contending to be the “PayPal of identity”, but time is tight now and for the next couple of weeks. So in the meantime, here’s a couple sites [...]
From whence will come Identity’s PayPal?
I ran across this initial post OpenID, Information Cards, and Passwords in my newsreader which then led me to the original article “Goodbye, Passwords. You Aren’t a Good Defense” as well as a bunch of other responses to the Goodbye article by Kim Cameron, Axel Nennker and Dave Kearns. Great posts and all of this is marvelous commentary on [...]