Phone numbers as identifiers: The problem with SMS-based authentication

I recently heard about a Facebook user who encountered a very concerning login experience. After entering a password recovery code he had received via SMS, the user was accidentally logged into someone else's Facebook account. The phone number the user had used to receive the SMS was actually a recycled number that previously belonged to someone…

4 Tools to Keep in your Risk-Assessment Toolbox

As more companies move to support cloud-based environments to work with better mobility and flexibility, their number of vulnerability points also increase. A thriving underground economy that trades in hacking tools, cyber crime services, stolen data, and credentials is estimated to be worth $600 billion annually—that’s more than the film, gaming…

5 Mistakes That Can Drive Up User Migration Costs

If you’re upgrading to new company software, a new operating system, or even moving from on-premises systems to the cloud, you’re thinking about user migration. User migration projects are rarely quick, nor easy, as they demand meticulous planning and attention to detail. However, with proper foresight and preparation, user migrations don’t need…

The Ultimate Authentication Playbook

With the rise of of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors. According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

Tags

Archive

Follow Us
Share on Linkedin Share on Facebook Share on Youtube