Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. This means there are serious holes in our authentication armor today.

Authentication 95

Authentication Accountability VPN Phishing 95

Thales Cloud Protection & Licensing

FEBRUARY 19, 2025

Go Beyond FIDO Standards: Best Practices When Deploying FIDO Security Keys in Enterprise madhav Thu, 02/20/2025 - 06:22 Initially designed for the consumer market, the FIDO (Fast IDentity Online) standard aims to replace passwords with more secure authentication methods for online services. While recent versions, like FIDO2.1,

Authentication 71

Authentication Passwords Marketing Risk 71

Thales Cloud Protection & Licensing

FEBRUARY 24, 2021

Overview of Authentication Mechanisms. In this regard, continuously authenticating users who are accessing corporate resources helps maintain trust in distributed IT environments. Let us examine some of the most prominent authentication mechanisms before we move on to the emerging continuous access evaluation protocol (CAEP) standard.

Authentication 87

Authentication Mobile Passwords Software 87

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication.

Financial Services 83

Financial Services Threat Reports Architecture Technology 83

Security Boulevard

DECEMBER 30, 2024

These rules , which mandate that all public companies disclose material cybersecurity incidents within four business days and detail their risk management strategies, highlight that cybersecurity is a board-level risk management concern. Tenable CEO Amit Yoran had a clear point of view when he wrote about the rules as they took effect.

Cybersecurity 85

Cybersecurity Cyber Risk CISO Risk 85

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication 144

Authentication Risk Social Engineering InfoSec 144

Duo's Security Blog

OCTOBER 18, 2021

Recently, while co-hosting a webinar that kicked off Cybersecurity Awareness Month, a panelist commented that cybersecurity and privacy are team sports on a campus, much like our athletic teams. They see the investment in MFA as critical to a campus cybersecurity program and managing risk for a campus.

Insurance 97

Insurance Education Risk Cyber Insurance 97

Duo's Security Blog

FEBRUARY 11, 2022

To help you make the most of this new offering, Duo Product Manager Chris Demundo and Product Marketing Manager Ted Kietzman recently hosted the webinar Ask Us Anything: Passwordless Tips & Tricks , answering passwordless questions crowdsourced from our Duo Community public forum. What is passwordless authentication?

Authentication 111

Authentication Passwords Mobile Risk 111

Hacker's King

OCTOBER 26, 2024

Activities during this week include engaging workshops, informative webinars, and community events, all designed to empower individuals with the knowledge and skills necessary to navigate today’s cyber threats effectively. Promoting Cyber Hygiene Good cyber hygiene is about adopting habits that minimize security risks in everyday activities.

Cybersecurity 59

Cybersecurity Cyber threats Education Passwords 59

Duo's Security Blog

OCTOBER 11, 2023

To learn more about how Duo’s access management trifecta empowers you to authenticate further and defend faster, be sure to tune into our webinar Authenticate Further, Defend Faster with Higher Security from Duo. In fact, multi-factor authentication (MFA) has been the access security tool of choice for years now.

Authentication 126

Authentication Risk Technology Phishing 126

Thales Cloud Protection & Licensing

AUGUST 15, 2022

FIDO - Leading the Zero Trust Passwordless Authentication Evolution. A Zero Trust approach starts with Multi-Factor Authentication (MFA). The Role of Passwordless Authentication. While password guessing and brute force attempts are still a risk, cybercriminals no longer need to go through the trouble.

Authentication 71

Authentication Phishing Passwords Risk 71

Duo's Security Blog

SEPTEMBER 16, 2021

At Duo, we're building a passwordless authentication solution that’s as easy to set up as it is to use – with our world-class security baked in. Your Journey Begins with Multi-Factor Authentication See the video at the blog post. Learn more about common misconceptions related to passwordless authentication methods.

Authentication 128

Authentication Passwords Phishing CISO 128

Duo's Security Blog

JULY 6, 2023

Today we will discuss the survey makeup, review key results and explain why Duo’s Passwordless technology is well positioned to meet enterprise authentication needs highlighted in the study. Workforce authentication failures are common and MFA is still not mandatory Duo has always focused on meeting customers where they are.

Authentication 100

Authentication Passwords Risk Technology 100

Duo's Security Blog

NOVEMBER 20, 2023

One piece of evidence to support this hypothesis is the low adoption of a basic security control that protects against identity-based attacks - multi-factor authentication (MFA). Add to this, the risks of weak authentication factors such as SMS one-time passcodes and dormant or inactive accounts.

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

Webroot

FEBRUARY 5, 2025

But what exactly are passkeys, and why are they considered the future of authentication? With Password Day coming up this Saturday, it’s the perfect time to discuss the future of authentication. Passkeys leverage public-key cryptography to authenticate users without requiring them to remember or type in a password.

Authentication 60

Authentication Password Management Passwords Backups 60

Duo's Security Blog

JANUARY 14, 2025

In recent webinar Preventing Helpdesk Phishing with Duo and Traceless , Duo PMM Katherine Yang sat down with Gene Reich, Co-founder of Traceless to discuss why stronger identity verification is critical for MSPs and helpdesk teamsespecially with the increased accessibility of AI technologies driving identity fraud. How can Duo MSP help?

Phishing 111

Phishing Technology Scams Cybercrime 111

CyberSecurity Insiders

NOVEMBER 2, 2021

Earlier this summer, we hosted a webinar with our partners at Mastercard , discussing how EMV tokenization can bring convenience and security to online retailers and shoppers. Secondly, merging customer authentication and user approval to increase the trust in the transaction. Unleashing full potential .

Retail 118

Retail eCommerce Authentication Marketing 118

Security Boulevard

JULY 20, 2023

AI can be used to monitor user behavior and make real-time decisions about whether to grant access or add step-up authentication if there is anything anomalous about the request (such as a login from an unusual timezone). If it detects a threat or anomalous behavior, its dashboard explains the decision in human-readable form.

Artificial Intelligence 98

Artificial Intelligence Authentication Education Risk 98

Thales Cloud Protection & Licensing

JANUARY 24, 2024

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting madhav Thu, 01/25/2024 - 11:03 Contributors: Ollie Omotosho - Director, Strategir Partnerships, Thales Antti Ropponen, Head of Data & Application Security Services, IBM Consulting In the world of business, data security is paramount.

Risk 87

Risk Encryption Technology Architecture 87

eSecurity Planet

MAY 28, 2024

Cloud security issues refer to the threats, risks, and challenges in the cloud environment. Risks include potential damage from cyber threats and vulnerabilities. 4 Top Cloud Security Risks A cloud security risk is a combination of the possibility of a threat arising and the system’s vulnerability.

Risk 71

Risk Cloud Migration DDOS Encryption 71

Duo's Security Blog

SEPTEMBER 6, 2023

Be sure to tune into our webinar, The State of Passkeys in the Enterprise , on September 7th at 9am PST | 12pm EST. Passkeys on Cloud Platforms Passkeys have growing support from significant vendors. This enables client-side support for passkey authentication. They will also be transferred between cloud providers by passkey exchanges.

Passwords 105

Passwords Password Management Authentication Threat Detection 105

CyberSecurity Insiders

APRIL 10, 2023

In the current digital landscape, identity security has gained paramount importance due to the growing cyber risks posed by phishing and social engineering attacks utilizing AI. Thus, a robust identity security framework is essential to safeguard against these risks and ensure the protection of personal information.

Identity Theft 105

Identity Theft Education Authentication Data breaches 105

Security Boulevard

JULY 21, 2023

By providing visibility into attack paths, it helps to mitigate these risks. Multi-factor authentication (MFA) : MFA requires users to provide more than one form of identification to access a system or application. Passwordless : Passwords are typically the weakest link in any organization's security apparatus.

Threat Detection 98

Threat Detection Passwords Authentication Accountability 98

Duo's Security Blog

JULY 15, 2021

Yes, it’s a password-less authentication method, greatly streamlining the login experience, and while that’s a great incentive to use passwordless for logging in, it’s not an improvement in authentication security in and of itself. Unlocking authenticator devices locally removes the threats of credential reuse and shared secrets.

Phishing 105

Phishing Authentication Passwords Risk 105

Duo's Security Blog

OCTOBER 18, 2022

By this point, we’re all familiar with the list of requirements for a strong password: unique, long, memorable, free from any personal information… But even the strongest passwords can pose a risk if they’re the only thing standing between your users and enterprise content.

Insurance 64

Insurance Passwords Cyber Insurance Authentication 64

Duo's Security Blog

SEPTEMBER 30, 2022

If you are not sure what the new security requirements are or if they affect your business or organization, don’t worry – we put together a webinar to help answer those questions. Watch the FTC Safeguards Rule Webinar. The definition of financial institutions includes non-financial institutions. Try Duo for free!

Cybersecurity 94

Cybersecurity Authentication CISO Healthcare 94

Duo's Security Blog

MARCH 9, 2022

The Australian government is urging companies in the region to adopt strong cybersecurity practices due to increased global risk stemming from the conflict in Ukraine. The move to passwordless authentication provides a single, strong assurance of users’ identities to achieve trust.

Cybersecurity 98

Cybersecurity Passwords Authentication VPN 98

Security Boulevard

FEBRUARY 14, 2022

How Enterprise Customer Identity Helps You Make Money, Slash Costs, and Reduce Risk. Here are four reasons why investing in great customer experiences with ForgeRock's enterprise CIAM will help your organization make money, slash costs, and reduce risk. Reduced Risk. ForgeRock also reduces risk with Zero Trust security.

Passwords 97

Passwords Retail Digital transformation Risk 97

Duo's Security Blog

SEPTEMBER 1, 2023

We’ve been answering these questions in this blog series by unpacking the pros and cons of passkey technology from different authentication perspectives. Today, we’re focusing on how passkeys compare to passwords when it comes to authenticating on cloud sites. A separate set of passkeys are required to authenticate into each site.

Passwords 69

Passwords Authentication Phishing Technology 69

Duo's Security Blog

NOVEMBER 6, 2023

A smart user, when faced with the risk of stolen credentials, knows better than to face this threat alone. While multi-factor authentication is a powerful tool to protect and verify a user is who they say they are, having to repeatedly authenticate introduces unproductive security friction.

Passwords 83

Passwords Authentication Risk Technology 83

Security Boulevard

JULY 6, 2023

You can learn more about AI-generated identity fraud and how you can use AI to protect your business and your customers by attending our webinar: Protect Your Customers Against Identity Fraud. Also, be sure to attend our webinar, Protect Your Customers Against Identity Fraud.

Artificial Intelligence 105

Artificial Intelligence Passwords Authentication Accountability 105

CyberSecurity Insiders

FEBRUARY 28, 2023

This is why governments and organizations around the world are implementing a zero trust security framework to reduce the risk of attacks while protecting resources and data. Zero Trust , will join us and discuss the current state of zero trust.

Architecture 132

Architecture Authentication Technology CISO 132

Duo's Security Blog

JULY 1, 2021

Tall Tale #1: PINs Are Just Passwords In Part 1 , we talked about how passwordless authentication is still multi-factor: Possession of a private key, ideally stored on a piece of secure hardware A biometric or PIN the authenticator uses to locally verify the user’s identity Reasoning about a PIN being used as a factor is simpler than a biometric.

Passwords 98

Passwords Surveillance Authentication Risk 98

Thales Cloud Protection & Licensing

FEBRUARY 11, 2020

Knowing who and what can be trusted is a constant struggle, as malicious code, untrusted connections, and misconfiguration all lead to one thing – more risk. Several mechanisms help application and security teams to mitigate these risks, but identity is at the core. Identifying all of the “things” (e.g. 509 certificates.

Authentication 101

Authentication Encryption Risk Software 101

Duo's Security Blog

FEBRUARY 6, 2024

Addressing identity-based attacks Duo has made a number of significant investments in identity security over the last several years with the release of Duo’s Trust Monitor, Duo’s Risk-Based Authentication, and moving Duo’s Trusted Endpoints feature into Duo’s Essentials edition. Stay tuned!

Accountability 119

Accountability Authentication Risk Marketing 119

Security Boulevard

NOVEMBER 21, 2024

shines a bright light on the risks organizations face if their identity and access management (IAM) system is targeted by cyberattackers. Point-in-time scans risk missing active threats like Kerberoasting , DCSync and password spraying — techniques that cyberattackers can execute repeatedly to evade periodic checks.

Risk 102

Risk Accountability Passwords Authentication 102

Duo's Security Blog

SEPTEMBER 4, 2023

In our recent passkey blog series , we’ve been unpacking the difference between new passkey technology and more conventional password security in light of some of the most critical authentication scenarios. They’re also at risk of theft if they’re left cached on the device. Passkeys excel at multi-device use.

Passwords 81

Passwords Authentication Accountability Password Management 81