NIST and CISA release a draft interagency report for public comment on protecting authentication tokens from tampering, theft, and misuse.

The U.S. Army’s wearable authentication tokens intended for the tactical environment could be used for nontactical purposes, such as accessing strategic-level systems, enterprise networks and medical ...

Passwords and app-based MFA add hidden costs through lost productivity, frequent resets, and risk of phishing and social ...

With no shortage of cybersecurity risks in state and local government, state CIOs expect enterprise identity and access management solution adoption or expansion to be the cybersecurity initiative ...

Device code phishing abuses the OAuth device flow, and Google and Azure produce strikingly different attack surfaces. Register for Huntress Labs' Live Hack to learn about attack techniques, defensive ...

"Two-step verification," "strong authentication," "2FA," and "MFA." Far more people are familiar with these terms today than just a few years ago. Multifactor authentication — or simply MFA — ...

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The ...

The Internet Engineering Task Force (IETF) --the organization that develops and promotes Internet standards-- has approved three new standards this week designed to improve the security of ...

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community. The bank has begun issuing Vasco's Digipass GO3 two factor ...

VeriSign has released an iPhone app that lets you supplement a user name and password login at several Web sites with a well-regarded and cryptographically robust method of confirming your identity.