Addressing the Top Five App Risks in Business

It’s a time of conflict. There’s a battle within businesses, and the battleground is your applications. Employees – in the name of productivity – are adopting new cloud and mobile applications every day. IT – in the name of security – is trying to keep private data secure against breaches. Both groups often think the other “doesn’t get it.” Users complain about complex password policies, and security-related “hoops” they have to jump through. IT complains about endless helpdesk calls for password resets, shadow IT introducing risk, and an inability to secure an ever-changing hybrid environment. But both groups have more common…

Password Management: Amateurs Hack Systems, Professionals Hack People

To say it in the words of the security guru, Mr. Schneier, “Amateurs hack systems, professionals hack people.” Don’t believe that the typical hacker is the socially awkward 20-something-year-old young man who cannot make eye contact with someone at Starbucks — like Elliot from Mr. Robot. The most successful hackers are truly gifted grifters who can “talk their way out of almost anything” — or better said, “talk their way into anything.” Kevin Mitnick is probably the most notorious hacker of recent years, who has mastered the art of exploiting human vulnerabilities to get into computer systems, including those of American…

Centrify Expands Its Developer Program to Make it Easier to Add MFA, SSO and Access Control to Apps

Single sign-on, social login, multi-factor authentication (MFA), password reset and access control can now be easily integrated into cloud, mobile and behind-the-firewall apps from third-party developers by integrating Centrify APIs. Application developers are in a modern-day wonderland where they can build multifaceted and intricate apps that function across user devices without having to build much computing or coding infrastructure. It is now taken for granted that developers tap into well-known APIs like Twitter, Facebook, Google or eBay to enrich their apps with new layers of context, function and integration. The API economy essentially allows developers to outsource some…

Password Reset on World Password Day

Well, I forgot another holiday. As I get older, it just happens more and more. Good news: It wasn’t my anniversary — though at this rate I’m sure to forget that soon enough. No, this time I forgot all about World Password Day. And you know what? I bet you did too. It’s just something about passwords. We forget them. We forget to reset them in time. We forget the “holidays” associated with them. We need something better, and when we can’t eliminate them, we need a better way to reset them. For ServiceNow customers, that means using something like Centrify…

Why a Simple Password Reset is Not Enough

Recently, a number of Amazon account holders received e-mails proposing a password reset out of “an abundance of caution.” This was a result of routine monitoring, in which Amazon discovered a list of e-mail addresses and passwords that had been posted online. Whilst the list was not Amazon-related, experience has shown that users regularly re-use their passwords across multiple websites. As such, Amazon sent out e-mails to all users whose addresses and passwords were on the list, with instructions urging a complete password reset. Whilst Amazon itself wasn’t breached, it is certainly noteworthy that its usual surveillance processes unearthed this list…

Time to Reset Your Password? Get Out the Dice

In the past week, I have been prompted several times a day to change my network password. And I’ve been putting it off each time I see that annoying pop-up window. Why? Because I’m sick and tired of coming up with a unique password! And who isn’t? But I’m getting close to my 90-day password use limit, and yes, I’ll have to do something about it soon. There has to be a better way to select a good password. One that’s easy to remember but hard to crack. You see, the rules for generating complex passwords are well known. Any programmer worth his or her salt can figure…

Can Adaptive MFA Mitigate Account Login DOS Attacks?

One of the problems faced by externally accessible accounts is the number of login attempts that these accounts should permit. On the one hand it is desirable to limit the number of password guessing attempts before locking an account. On the other hand, this leaves the accounts open to Denial of Service (DOS) attacks. That is, a malicious agent can continuously generate login attempts, with no intent of guessing the password even, just so that these accounts get locked time and again. This forces the user/IT to unlock the account before they can continue their work – which is annoying and costly in…

IT Self Service: Secure Password Reset and Beyond

As a Sales Engineer at Centrify, my job is to meet with customers and prospects every day and learn about their Identity challenges. I’ve noticed a recurring theme lately – many customers telling me about their pains with password resets. Now this is not a new problem. It’s been widely known for a long time now that password resets are responsible for over 40% of support calls. IT self-service empowers users to take control of issues like password resets. But traditional automated password reset implementations have had limited success because of poor end user acceptance and poor policy and process. The…