A pair of security experts laud the renewed interest in two-factor authentication, but say there are other improvements needed to tighten security around end-user logins.
John Fontana's blog traverses the evolving digital identity landscape and its intersection with the cloud, compliance, audit, privacy, mobile computing, API integration and security.
John Fontana is a journalist focusing on access control, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he writes and edits a blog, as well as, directs several social media channels and represents Yubico at the FIDO Alliance. Prior to Yubico, John spent five years with identity vendor Ping Identity. He also spent 15 years as a senior editor for a variety of publications, including Communications Week, Internet Week and Network World, where he focused on enterprise topics including collaboration, directories, network infrastructure, databases, open source, ERP and security. He covered IBM, Microsoft, Cisco, Oracle, Red Hat, Google among other enterprise vendors. His work has also appeared in the New York Times, CNN, CIO and Mashable.
The National Strategy for Trusted Identities in Cyberspace is moving ahead with current plans to establish more pilots and programs this year.
A US District Court judge in California has ruled that plaintiffs failed to show harm stemming from last year's theft of 6.5 million passwords from LinkedIn.
Authentication, trust, and the cloud emerge as pressing issues for identity's evolution, according to the RSA Conference panel.
Security architectures will gain smarts by analyzing zettabytes of data.
Data breaches top the list, up from No. 5 just two years ago, in Cloud Security Alliance report.
Do end-users, online services, email providers and other invested parties have a collective conscience that can build a better credential and make the Web a safer place?
The RSA Conference will kick off next week with the Cloud Security Alliance Summit, which examines issues from identity, to mobile to national security.
The black hats are getting more sophisticated, but unfortunately the white hats are making the same old rookie mistakes
FIDO Alliance aligns smart devices, authentication but will its scope be broad enough and its appeal wide enough.
Use of social network identities is expected to sky-rocket in the next two years, but it's aimed at reducing friction between merchants and your money, not because it's a better credential.
Google isn't just beginning to attack the password, in fact, it has been working since before 2010 on eliminating passwords and standardizing authentication on the Web.
Distributed cloud services and mobile-device clients are driving Web-friendly protocols for identity and security.
End-user generated passwords continue to have little defense against hackers, according to Deloitte Canada.
Forrester analyst Eve Maler says passwords will be an authentication method for the foreseeable future, but changes in IT attitudes can make that palatable.