A researcher calls Yahoo’s loss of 400,000 passwords a “total password failure” for lack of policies and storage in plain text. In addition, the hack included accounts from other domains including the U.S. Congress
John Fontana's blog traverses the evolving digital identity landscape and its intersection with the cloud, compliance, audit, privacy, mobile computing, API integration and security.
John Fontana is a journalist focusing on authentication, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he also blogs about industry issues and standards work, including the FIDO Alliance.
NIST names system integrator Trusted Federal Systems to oversee the Steering Group that will build policies and guidelines for the National Strategies for Trusted Identities in Cyberspace initiative
Customer re-use of the same user name and password across multiple sites is being blamed for attacks on customer accounts at BestBuy.com.
Top Dutch telecom firm shuts its customer self-service portal after discovering users not bothering to change default password.
The government-led digital ID strategy, NSTIC, will hit its most significant milestone to date this month when it names a private organization to run its steering group and hands it $2.5 million in funding.
Online privacy is the focal point during the next year for the newest president of the National Association of State Attorneys General.
A provisioning working group gets its marching orders from the Internet Engineering Task Force and sets sites on creating a standard way to add and remove users from cloud-based services and applications.
An Illinois woman files a class action suit against LinkedIn claiming that violation of its own privacy policies and user agreements allowed hackers to steal 6.46 million passwords.
Another password and data breach. Another mad scramble of questions and Band-Aids. It's not password configuration, policies or anything else, it's the infrastructure that needs an overhaul.
Developers are finding themselves back in the spotlight as the shifting computing landscape clamors for their skills. Recently, I stepped outside my ID world to attend the Glue Conference and see what's up.