passwords

Passwordless Authentication: Where to start

Let’s face it: we’re all tired of passwords. They’re a major pain for users and not nearly as effective at securing accounts as they pretend to be. Thankfully, there is a better way! We are excited to announce a new set of passwordless capabilities in Okta that will allow you to deliver seamless auth experiences to all users! In this post, we’ll…

What is Passwordless Authentication?

Passwordless authentication is an emerging authentication method that has been gaining traction as of late. In this post, we’ll explore what passwordless authentication is, the usability and security challenges that passwords present, and the benefits of passwordless authentication. What is passwordless authentication? At a basic level,…

There’s No Place for Passwords in the Future of Work

Everyone has probably had this experience at some point: you set up an account for a work application—and the next time you need to use it, you’ve forgotten the complex password the application required. For today’s workforce, the erosion of trust in technology starts with the unreliability of a system designed to protect our identities: passwords…

How Okta Protects You Against Identity Attacks

From Okta’s position at the “front door” of many organizations, we tend to see a significant number of authentication-related cyber attacks. This presents a real risk to organizations, especially when exacerbated by poor password habits. As we detailed in our 2019 Businesses at Work report, 40% of survey respondents reported using only 2-4…

Embracing the Kanyes of Our Organization

Let’s talk about Kanye. You might remember that he was featured on international news when he entered his phone password on live TV. But the part that earned him national mockery was the password itself: 000000. It’s easy to laugh at the example he set, but, unfortunately, his attitude towards security is similar to many people today. And when…

How FIDO2 + WebAuthn Offer a Seamless, Secure Login

For those not familiar with FIDO2, it is an improved version of the FIDO standard – popularly known for the U2F USB tokens provided by Google and Yubico. Now that we've explored what WebAuthn is and reviewed critical WebAuthn building blocks and protocols, I’ll use this post to break down how you can leverage WebAuthn with FIDO2 to enhance both…

Never Do Your Own Taxes—or Your Own Auth! (Mostly)

It’s Tax Day. A day of dread for some, an annual routine for others. Can you think of any other financially impactful space where a DIY vs professional choice is so widely debated? Sure, when you’re just starting out, you can do a lot of things on your own without too much damage. But as you grow and obtain new assets, you may want to hire…

Password spraying detection: Where do I start?

Password spraying has been one of the hottest topics in cyber security in the last few years. Right off the heels of multiple high-profile breaches, it’s been getting a lot of attention from security vendors, reporters, and the security community as a whole. In this post, we’ll discuss why password spraying is increasing in prevalence, and steps…

What are Salted Passwords and Password Hashing?

Security is often not top of mind when creating customer-facing applications. But in a landscape of continual data breaches of major corporations like T-Mobile and Google, companies must be vigilant to adhere to security best practices. Processes like password salting and hashing are fundamental to the security posture of your apps. Understanding…
