Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. This means there are serious holes in our authentication armor today.

Authentication 95

Authentication Accountability VPN Phishing 95

Thales Cloud Protection & Licensing

FEBRUARY 24, 2021

Overview of Authentication Mechanisms. In this regard, continuously authenticating users who are accessing corporate resources helps maintain trust in distributed IT environments. Let us examine some of the most prominent authentication mechanisms before we move on to the emerging continuous access evaluation protocol (CAEP) standard.

Authentication 87

Authentication Mobile Passwords Software 87

Thales Cloud Protection & Licensing

FEBRUARY 19, 2025

Go Beyond FIDO Standards: Best Practices When Deploying FIDO Security Keys in Enterprise madhav Thu, 02/20/2025 - 06:22 Initially designed for the consumer market, the FIDO (Fast IDentity Online) standard aims to replace passwords with more secure authentication methods for online services. While recent versions, like FIDO2.1,

Authentication 71

Authentication Passwords Marketing Risk 71

Troy Hunt

SEPTEMBER 7, 2018

It's been a week of travel for me with API Days in Melbourne on Tuesday, Fortinet Fast & Secure in Sydney on Wednesday then the Varonis webinar yesterday (recorded, I'll share once it's online). Be that as it may, I did manage to pump out a long-awaited blog post on the total cost of running Pwned Passwords in HIBP and its.

Spyware 142

Spyware Passwords Authentication Hacking 142

Duo's Security Blog

JULY 1, 2021

Tall Tale #1: PINs Are Just Passwords In Part 1 , we talked about how passwordless authentication is still multi-factor: Possession of a private key, ideally stored on a piece of secure hardware A biometric or PIN the authenticator uses to locally verify the user’s identity Reasoning about a PIN being used as a factor is simpler than a biometric.

Passwords 98

Passwords Surveillance Authentication Risk 98

Duo's Security Blog

FEBRUARY 11, 2022

To help you make the most of this new offering, Duo Product Manager Chris Demundo and Product Marketing Manager Ted Kietzman recently hosted the webinar Ask Us Anything: Passwordless Tips & Tricks , answering passwordless questions crowdsourced from our Duo Community public forum. What is passwordless authentication?

Authentication 111

Authentication Passwords Mobile Risk 111

Duo's Security Blog

SEPTEMBER 16, 2021

At Duo, we're building a passwordless authentication solution that’s as easy to set up as it is to use – with our world-class security baked in. Your Journey Begins with Multi-Factor Authentication See the video at the blog post. On your path to passwordless, it’s key to separate fact from fiction around biometrics, PINs and passwords.

Authentication 128

Authentication Passwords Phishing CISO 128

Hacker's King

OCTOBER 26, 2024

Activities during this week include engaging workshops, informative webinars, and community events, all designed to empower individuals with the knowledge and skills necessary to navigate today’s cyber threats effectively. Change them regularly and avoid reusing passwords across different accounts.

Cybersecurity 59

Cybersecurity Cyber threats Education Passwords 59

Duo's Security Blog

SEPTEMBER 4, 2023

And when it comes to managing access for this plethora of devices, password security just isn’t cutting it anymore. In our recent passkey blog series , we’ve been unpacking the difference between new passkey technology and more conventional password security in light of some of the most critical authentication scenarios.

Passwords 81

Passwords Authentication Accountability Password Management 81

Duo's Security Blog

SEPTEMBER 1, 2023

Nobody likes passwords. And is it realistic to consider passkeys – and the passwordless solutions they support – as a valid alternative for traditional password security? And is it realistic to consider passkeys – and the passwordless solutions they support – as a valid alternative for traditional password security?

Passwords 69

Passwords Authentication Phishing Technology 69

Thales Cloud Protection & Licensing

JULY 8, 2021

Hardware-based PKI provides strong passwordless authentication. The need to manage users and authenticators in a secure and timely way is important with any PKI-based deployment. Certificate-based and software authentication solutions and OTP. Simply put, strong authentication helps verify data security. PKI Management.

Authentication 71

Authentication Password Management Passwords Accountability 71

Webroot

FEBRUARY 5, 2025

Major companies like Apple, Google, and Microsoft are rolling out passkeys as a replacement for passwords, promising both enhanced security and a smoother user experience. But what exactly are passkeys, and why are they considered the future of authentication? This means no more passwords to remember, reset, or leak in data breaches.

Authentication 60

Authentication Password Management Passwords Backups 60

Duo's Security Blog

OCTOBER 18, 2022

By this point, we’re all familiar with the list of requirements for a strong password: unique, long, memorable, free from any personal information… But even the strongest passwords can pose a risk if they’re the only thing standing between your users and enterprise content.

Insurance 64

Insurance Passwords Cyber Insurance Authentication 64

Security Boulevard

APRIL 18, 2025

Also, find out what Tenable webinar attendees said about identity security. The Cyber Centre has also observed router compromises stemming from basic security mistakes, such as the use of default and weak passwords, and of default security settings. Protect all administrative access with phishing-resistant multi-factor authentication.

Risk 59

Risk Cybersecurity Data privacy Software 59

Thales Cloud Protection & Licensing

AUGUST 15, 2022

FIDO - Leading the Zero Trust Passwordless Authentication Evolution. It’s no secret that passwords have become one of the weakest links in enterprise security. A Zero Trust approach starts with Multi-Factor Authentication (MFA). The Role of Passwordless Authentication. Tue, 08/16/2022 - 06:32.

Authentication 71

Authentication Phishing Passwords Risk 71

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. Since then, teams have had years to adjust to this new reality, yet the attackers have as well.

Authentication 144

Authentication Risk Social Engineering InfoSec 144

Duo's Security Blog

APRIL 23, 2025

"Ninety-nine percent of attacks can be blocked with multi-factor authentication (MFA) is an oft-discussed quote from 2019. Duo passwordless reduces your reliance on passwords, improves user experience, reduces IT overhead, and strengthens security posture. Pretty much any app you can think of.

Authentication 59

Authentication Risk Social Engineering Accountability 59

Duo's Security Blog

JULY 6, 2023

Today we will discuss the survey makeup, review key results and explain why Duo’s Passwordless technology is well positioned to meet enterprise authentication needs highlighted in the study. Workforce authentication failures are common and MFA is still not mandatory Duo has always focused on meeting customers where they are.

Authentication 100

Authentication Passwords Risk Technology 100

Duo's Security Blog

OCTOBER 11, 2023

To learn more about how Duo’s access management trifecta empowers you to authenticate further and defend faster, be sure to tune into our webinar Authenticate Further, Defend Faster with Higher Security from Duo. Forget coming up with a password that will eventually, inevitably find its way onto the dark web.

Authentication 126

Authentication Risk Technology Phishing 126

Duo's Security Blog

NOVEMBER 20, 2023

One piece of evidence to support this hypothesis is the low adoption of a basic security control that protects against identity-based attacks - multi-factor authentication (MFA). Add to this, the risks of weak authentication factors such as SMS one-time passcodes and dormant or inactive accounts.

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

Duo's Security Blog

JANUARY 14, 2025

Hes asking if you can help him with a password reset and hes calling from a recognized numberdo you trust it? Preventing Helpdesk Phishing with Duo and Traceless Webinar Helpdesk impersonation is a big concern today, with MSPs contending with fraudulent attempts from attackers pretending to be clients. How can Duo MSP help?

Phishing 111

Phishing Technology Scams Cybercrime 111

Duo's Security Blog

MARCH 9, 2022

Together these practices — which include multi-factor authentication (MFA), restricting administrative privileges and daily backups — provide a clear framework for businesses anywhere that are looking to improve their foundational security footing , as we’ve previously noted on the Duo Blog.

Cybersecurity 98

Cybersecurity Passwords Authentication VPN 98

Security Boulevard

JULY 6, 2023

It's no secret that the bad guys are training their artificial intelligence (AI) engines to crack passwords, perform account takeovers (ATO), and automate their ransomware demands. In fact, they are using AI to not only predict your users' current passwords. Mind blown!

Artificial Intelligence 105

Artificial Intelligence Passwords Authentication Accountability 105

Duo's Security Blog

JULY 15, 2021

Yes, it’s a password-less authentication method, greatly streamlining the login experience, and while that’s a great incentive to use passwordless for logging in, it’s not an improvement in authentication security in and of itself. That isn’t to say that every password-less solution needs to be phish-proof.

Phishing 105

Phishing Authentication Passwords Risk 105

Duo's Security Blog

NOVEMBER 6, 2023

Passwords that are easily detectable or reused often are vulnerable to phishing attacks. This lowers the number of passwords users must remember (or re-use, as is often the case). The problem with balancing many identities Conventional passwords create separate lines for each account. What is a credential stuffing attack?

Passwords 83

Passwords Authentication Risk Technology 83

Security Boulevard

JULY 21, 2023

This is why it's critical to secure your user identities and passwords and the IAM services that manage them. Multi-factor authentication (MFA) : MFA requires users to provide more than one form of identification to access a system or application. From there, they can find high-value data to steal, hold for ransom, expose, or sell.

Threat Detection 98

Threat Detection Passwords Authentication Accountability 98

Security Boulevard

MAY 2, 2025

Enforce multi-factor authentication across all software development environments. Dont use default password in your products. In fact, the agency says its common for hackers to specifically target OT products they know are insecure, instead of going after specific organizations. Securely store and transmit credentials.

Cybersecurity 52

Cybersecurity Software Cyber Risk Risk 52

eSecurity Planet

JUNE 21, 2024

Keeper and Dashlane are top password managers prioritizing multi-layered encryption systems for secure password sharing. Both password managers are suitable for small to large businesses. 5 Keeper, a low-cost password manager, highlights security with strong end-to-end encryption and authentication. 5 Pricing: 3.6/5

Password Management 103

Password Management Passwords Encryption VPN 103

Security Boulevard

FEBRUARY 14, 2022

Customers end up calling help desks for multiple reasons, including to reset their passwords and manage their profile, privacy, and data sharing settings. For example, allowing customers to manage and reset their usernames and passwords alone can save enterprises millions of dollars annually. Learn More In Our Webinar.

Passwords 97

Passwords Retail Digital transformation Risk 97

Duo's Security Blog

SEPTEMBER 30, 2022

If you are not sure what the new security requirements are or if they affect your business or organization, don’t worry – we put together a webinar to help answer those questions. Watch the FTC Safeguards Rule Webinar. The definition of financial institutions includes non-financial institutions.

Cybersecurity 94

Cybersecurity Authentication CISO Healthcare 94

SecureWorld News

JULY 21, 2020

The inclusion of authentic content also makes it harder for spam filters to detect the emails as malicious. It steals usernames and passwords for outgoing email servers. Check out our webinar on phishing, "Phishing Attacks Are Becoming More Evolved: How to Eradicate Them.". But that's not all.

Phishing 87

Phishing Banking Passwords Authentication 87

CyberSecurity Insiders

APRIL 10, 2023

Time to time, we have corporate self-paced training to ensure we are adhering to standards.” – Neeraj Vijay, CISSP Chinatu Uzuegbu, CISSP recommends Online/Virtual Trainings/Webinars Face-to-face knowledge sharing with demonstrations. Batch training for the Identity Management key players.

Identity Theft 105

Identity Theft Education Authentication Data breaches 105

Security Boulevard

MARCH 12, 2025

Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 - 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings.

Passwords 52

Passwords Authentication Digital transformation Government 52

Thales Cloud Protection & Licensing

JULY 17, 2019

And while your organization may be protected with encryption and authentication tools, what about the third-party lab or billing firm that will eventually possess the data you’re responsible for protecting? A password can be updated. Inoculate with Encryption and Authentication. Thales will also host a webinar on Thursday, Sept.

Healthcare 101

Healthcare Encryption Data breaches Authentication 101

Duo's Security Blog

FEBRUARY 6, 2024

Traditionally, credentials (such as usernames, passwords or security tokens) have been the gatekeepers of access. This way, IT Administrators can quickly address any security gaps by migrating from weak authentication to strong, phishing-resistant, multi-factor passwordless deployments across a customer’s entire enterprise stack.

Accountability 119

Accountability Authentication Risk Marketing 119

Cisco Security

FEBRUARY 14, 2022

Fourth, they should ensure access is authorized, authenticated, and encrypted. Richard Archdeacon: I’m frequently asked about when we will no longer need passwords. We have all seen the most commonly breached passwords are ‘123456’ or the classic ‘password’. Is that because users think that password is secure?

Passwords 128

Passwords Technology Government CISO 128

Security Boulevard

SEPTEMBER 20, 2024

Replace default passwords with strong passwords. Success ” (on-demand webinar) 5 - CISA issues plea to end XSS vulnerabilities Although cross-site scripting (XSS) vulnerabilities are easily preventable, software makers continue introducing them into their products, a situation that needs to stop.

Cybersecurity 97

Cybersecurity IoT Hacking Risk 97