After admitting that its service was breached, Dropbox says it will offer two-factor authentication. Is it the answer to the issue or the start of a new round of questions?
John Fontana's blog traverses the evolving digital identity landscape and its intersection with the cloud, compliance, audit, privacy, mobile computing, API integration and security.
John Fontana is a journalist focusing on access control, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he writes and edits a blog, as well as, directs several social media channels and represents Yubico at the FIDO Alliance. Prior to Yubico, John spent five years with identity vendor Ping Identity. He also spent 15 years as a senior editor for a variety of publications, including Communications Week, Internet Week and Network World, where he focused on enterprise topics including collaboration, directories, network infrastructure, databases, open source, ERP and security. He covered IBM, Microsoft, Cisco, Oracle, Red Hat, Google among other enterprise vendors. His work has also appeared in the New York Times, CNN, CIO and Mashable.
The Electronic Frontier Foundation is using an interactive Twitter tool that has opponents to the Cybersecurity Act of 2012 flooding the Twitter accounts of U.S. senators.
A privacy survey ranks the Top 100 data points in terms of what information end-users care the most about keeping private. Also, Baby Boomers emerge as most privacy-sensitive group.
OAuth 2.0 should be finalized this week, but the action is taking place in blogs and comment sections online as three years of work and frustration boil over.
Researchers are focusing on the feet to develop a new biometric system that proves identity and can help detect certain diseases.
The National Strategy for Trusted Identities in Cyberspace is set to launch its steering group and ready to hand out $10 million for pilot programs.
OAuth 2.0 is already catching fire as the spec to secure native mobile apps and API calls.
The OpenID Foundation introduces a message bus with identity capabilities as part of plan to create venue where ID technology can be vetted, open sourced and made available to enterprises, Web site operators and others.
A researcher calls Yahoo’s loss of 400,000 passwords a “total password failure” for lack of policies and storage in plain text. In addition, the hack included accounts from other domains including the U.S. Congress
NIST names system integrator Trusted Federal Systems to oversee the Steering Group that will build policies and guidelines for the National Strategies for Trusted Identities in Cyberspace initiative
Customer re-use of the same user name and password across multiple sites is being blamed for attacks on customer accounts at BestBuy.com.
Top Dutch telecom firm shuts its customer self-service portal after discovering users not bothering to change default password.
The government-led digital ID strategy, NSTIC, will hit its most significant milestone to date this month when it names a private organization to run its steering group and hands it $2.5 million in funding.
Online privacy is the focal point during the next year for the newest president of the National Association of State Attorneys General.
A provisioning working group gets its marching orders from the Internet Engineering Task Force and sets sites on creating a standard way to add and remove users from cloud-based services and applications.
The best of ZDNet, delivered
- 1 Researchers say WeMo devices flawed, suggest deactivating
- 2 Yahoo not veering off authentication path, just negotiating detours
- 3 Seven ways identity, access management will change in the enterprise
- 4 Google unveils 5-year roadmap for strong authentication
- 5 Hackers favor authentication-based attacks, report shows