Phishing Resistant Multi-Factor Authentication

Many Duo push notifications

As attackers figure out new ways to get around traditional multi-factor authentication, we must evolve to prevent fraudulent access to our accounts. The next wave of multi-factor authentication will fortify user accounts against phishing attacks. Unlike traditional multi-factor authentication, new approaches incorporate advanced techniques such as biometric authentication, hardware tokens, and push notifications to trusted […]

Multi-Factor Authentication

Most of the time, using an online service – checking email, shopping, and using social media – requires users to log into an account with a password. As we covered in the Password-based Authentication article, passwords are “something known,” so they can be leaked. And security breaches happen often. Recently, LastPass had its second security […]

Biometric-based Authentication

In the last two months, we covered password-based authentication and token-based authentication. When properly implemented and used, both methods can provide secure user authentication. Still, passwords and tokens each have their shortcomings: Complex—and therefore secure—passwords are hard to remember. A token can be lost. Either can be stolen. Meanwhile, biometric authentication uses personal data that […]

Token-based Authentication

By: David Puzder Last month, we covered password-based authentication explaining how to authenticate a user based on something they know. Another means to authenticate a user’s identity is through something they possess – a token. A common instance of token-based authentication is a house key. Ideally, only the person who possesses the proper key can […]

Password-based Authentication

By David Puzder Virtually every online account requires a password. Many account providers require additional authentication steps, like the Duo push alert, to increase security. As for password-based authentication, the principle is relatively straightforward: the user provides an account name or identifier (ID) plus a password, and the system compares the given password to the […]