Is That Really You?
2014 is so far looking as though it might turn out to be the year of authentication. It seems that every story I read or watch on the television news that relates to computer security has something to do with authentication. Many – or maybe most – feature some form of authentication error or issue […]
Security Through Obscurity. Not.
pcworld.com reported recently about a backdoor in some D-Link router firmware. You should read the article. It works basically like this: routers require a username and password for authentication. On many SOHO (small office/ home office) or personal routers, the username is often blank or there is a user called ‘admin’ who can do the […]
Watching The Show
I had the distinct pleasure this past week (as I write this) of assisting Bob Cromwell with teaching Learning Tree Course 468, System and Network Security Introduction in New York. [When classes are large, Learning Tree adds an additional instructor to courses in order to help participants with questions, hands-on exercise issues and so forth. This […]
Isn’t Corporate Identity Management Far Too Important to be Turned Over to Facebook?
Identity and Access Management or IAM is crucial as organizations move into the cloud. IAM allows an organization to centrally create, control and track individual identities, defining how users must first authenticate so that decisions can be made about what they are authorized to do. Typical corporations or government agencies use cloud products from multiple […]
You Can’t Share What You Don’t Know
There is an article on popsci.com about secure passwords entitled “Why TheOnly Secure Password Is One You Don’t Even Know That You Know”. It deals with a method to create passwords that can be entered, but because the user does not actually know the password, she cannot forget it or share it. You should read […]