I have published another part in my Back-to-Basics MFA Mini-series over on CyberAwake. What’s Wrong with MFA – CyberAwake
Microsoft raises the security bar
Microsoft is going to automatically deploy a policy for many of it’s customers that will make it mandatory for administrator users to use MFA. Microsoft will roll out MFA-enforcing policies for admin portal access (bleepingcomputer.com) Of course the admins could turn this policy off – but why would they? Watch …
Move away from text- or voice-based multi-factor authentication
Let’s take a look at what good multi-factor authentication is. I am writing a mini-series for CyberAwake about the mistakes users make when choosing a secure password and how hackers can exploit those mistakes, so a quick look at MFA seems like a good idea. What is multi-factor authentication? A …
Continue reading “Move away from text- or voice-based multi-factor authentication”
Authentication – Who Do You Let In?
Authentication, Authorisation and Accountability. This is the first part of a three-part series looking at the basics of the cyber security principle of “AAA”. Today we will start with Authentication It seems the easiest of principles. Everyone needs a username and password (credentials) to access any of your organisation’s systems. …
If you use KeePass it is good to know…
…it does not leak your master password any more! I have had a lot to say on the storage of your highly sensitive passwords – use an online bank if you must but also realise they are not perfect: KeePass v2.54 fixes bug that leaked cleartext master password (bleepingcomputer.com) I …