2FA

Easily add passkeys as a sign-in method for stronger security and better user experience with the Customer Identity Cloud Today, we’re excited to announce that passkeys will be available as an authentication method in the Okta Customer Identity Cloud as an Early Access feature for all customers on all plans. Passkeys are discoverable FIDO…

TL;DR: How to right-size your MFA solution to do more with less. Key takeaways include: Understanding small business authentication and MFA factors Considerations including ease of use, cost-efficiency, pros and cons  Creating your MFA implementation plan   If you’re reading this you know that when attackers get control of the right identity,…

Part one of a multi-part series “Identity is the perimeter of security.” I was introduced to this phrase in 2012 after my manager returned from a conference. He scrawled that phrase at the top of the whiteboard in his office, and there it stayed until I eventually moved on from that organization in late 2013. Though I had already spent seven years…

Two-factor authentication (2FA) is a form of multi-factor authentication (MFA), and is also known as two-step authentication or two-step verification. 2FA is a security measure that requires end-users to verify their identities through two types of identifiers to gain access to an application, system, or network. Think of your most recent login…

Being authentic is a high term of praise—if we think people are authentic, we believe them to be trustworthy, loyal, and dependable. There's a similar concept in computer security. Business networks are crucial to protect, so firms want only authorized people accessing them. In cybersecurity, authentication means verifying that a person or device…

Malware often gets top billing in mainstream news reporting of cyber-threats. It makes for snappy headlines and a compelling narrative—–but it’s not the whole story. Increasingly, organizations are finding customers exposed to malware-free account takeover attacks, which could result in serious data theft. There are several ways hackers can…

With the rise of of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors. According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

TL;DR: Multi-Factor Authentication (MFA) is going mainstream(!). U2F keys (a.k.a., hardware tokens) are standing out as a great option for your customers. Add U2F support to your website while you can still brag about it.... Plus, it's quick and easy! Multi-Factor Authentication (MFA) is becoming mainstream. Until recently, MFA was only used to…

Every development team must decide which components to build in-house and which to offload to a 3rd party vendor. This decision is often difficult and hotly debated. After all, most developers chose this career in order to build cool things! Choosing to relinquish that control to buy a solution can seem contrary to their raison d’etre. But…

You’ve likely read about the Heartbleed vulnerability that has affected much of the Internet. The short version: Heartbleed is a bug that affects the way online services encrypt connections between their service and their users, and if not corrected can lead to sensitive information being revealed. Most services and sites on the Internet use…