Windows 2FA – It’s a Big “Where” In “Everywhere”

If you’re a regular reader of our blog, you’ll know that here at Centrify, we’re big believers in multi-factor authentication (MFA) and strong supporters of MFA Everywhere. Passwords don’t protect us, our data or our businesses – and we need something better. As an extension of our commitment to eradicate passwords wherever possible, and bolster security with MFA wherever we can, we’ve extended our “MFA Everywhere” initiative with a key new “where” – 2FA for Windows logon. Speed and Security We can hear the cries now: “2FA! Windows Logon! Won’t that slow all my users down?” Not if the second…

Podesta Twitter Hack: A(nother) Lesson on Two-Factor Authentication

In the midst of the WikiLeaks’ release of thousands of emails purportedly from his inbox, Hillary Clinton Campaign Chairman John Podesta has now become the victim of a hack into his Twitter account. CNN is reporting that Podesta’s account was hacked on Wednesday, September 12, and that, just as Clinton landed in Las Vegas, Podesta ostensibly tweeted, “I’ve switched teams. Vote Trump 2016. Hi pol.” While the specific details of the hack have yet to be discovered, a likely scenario is that Podesta’s Twitter account was protected solely by a username and password – without any form of two-factor authentication….

What is a Derived Credential Anyway?

What is a derived credential anyway? You may have heard that Centrify announced support for “derived credentials,” in conjunction with its smart card offering. If you aren’t in the federal or ultra-secure enterprise space, you’ve probably never heard of derived credentials. So what’s so special about it? Users that are issued smart cards as their primary means of authentication have to physically insert a card into a reader on their desktop/laptop and then enter a PIN. This form of authentication replaces the username and password, and also covers the 2-factor requirement as well. (The card is something you have, and…

Creating a Custom WS-FED Application

In this blog post I’d like to show you how to create a custom WS-Fed application on the Centrify User Portal. This may be an existing internal app or a 3rd party hosted application. As you probably know by now Centrify provides about 3,000 application profiles out of the box, but there are those cases when you might have an internally developed app or a lessor know 3rd party app that supports WS-Fed and you would like to provide it with single sign-on . I’ve included a primer on how SSO works with WS-Fed as well as detailed instructions on…