MFA

A Deep Dive Into Okta FastPass

This blog post is the second in a series focusing on credential phishing. Previously, in the blog The Need for Phishing-Resistant Multi-Factor Authentication, Mukul Hinge explained how threat actors are becoming more sophisticated, using various tools to overcome mitigations. Today’s post digs into the inner workings of Okta FastPass, explaining…

Cyber Security Awareness Month: The Problem with Passwords

Passwords are a fixture of our modern digital world that cause no end of frustration and angst. I am sure this scenario is a familiar one: ‘Incorrect password, please try again’ <forgot password> ‘Please enter a new password’ <input incorrect password (because, hey, it wasn’t the right one anyway)> ‘The password you have entered has…

What you Need to Know: An Update on the GLBA Safeguards Rule

With the expanding scope of cyberattacks on financial institutions and a substantial increase in fraud, government and industry oversight bodies are stepping up with new regulations and requirements to protect consumers. One of the most recent examples are the updates to the Gramm-Leach Bliley Act (GLBA).  After 20 years of regulating information…

MFA Fatigue: A Growing Security Concern

The internet has never faced so much existential risk from people who want to harm companies and their users. While many organizations understand that there’s a link between identity and security, few fully grasp how foundational identity is to a modern security strategy. Organizations with gaps in their identity security are significantly more at…

Okta Passkey Management: A New Feature Flag

Apple recently announced support for Multi Device FIDO credentials - also called passkeys. Passkeys allow users a passwordless login to all of their iOS and macOS devices. Passkeys provide a better user experience across websites and apps, and enhance security by virtue of being a standards-based technology that–unlike passwords–is resistant to…

Okta Helps Federal Agencies Easily Deploy Phishing-Resistant MFA

A recent report from the Anti-Phishing Working Group (APWG) revealed phishing attacks for the first quarter of 2022 exceeded one million—the highest on APWG record. As attacks increase, it’s reasonable to expect targeted phishing attacks to increase as well.  The U.S. government is defending itself against this growing threat via mandates and…

Reflections on Security: Looking Ahead

As we continue deeper into 2022, facing many of the challenges we saw in 2021 (see Reflections on Security: Looking Back at 2021), optimism may seem difficult. How do we know the next evolution of identity and security practices will be enough? And this time of year always sees a flurry of predictions on what trends will emerge and what should be…

Archive