multi-factor authentication

Why-Take-Risks?

Why Take Chances? An Approach to Risk Based Authentication

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

A few years ago, the security industry made (another) brilliant marketing move. When the forces reluctant to multi-factor authentication threw what they thought would be their trump card, “But authentication creates friction!”, some leading vendors, instead of polishing their products to improve the user experience, just embraced the argument Read More

The Consumerization Of Enterprise MFA

The Consumerization Of Enterprise MFA

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

The odds are that you were first exposed to some form of advanced authentication as an employee when you were given a key-chain token to connect to the company VPN or webmail, or as a customer when you received a code in a short text asking you to confirm a transaction. Although these look like completely different technologies, they have exactly the same single purpose Read More

How Safe Is A “Secure Authentication”

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

The search for alternative, safe, easy, and inexpensive user authentication methods has become a very central question due to the rise of attacks targeting and defeating user passwords (see e.g. link). However, “inexpensive” at the Internet scale is contradictory to “safe”, so the search for better compromises than passwords looks both like a Graal quest and squaring the circle. In this post, I look at how secure the proposed alternatives are. Read More