Based on the ready availability of AI-based voice cloning, we declare voice biometric authentication to be utterly valueless.
Resource Library
Showing 1 to 18 of 21 resources
Britain's National Cyber Security Centre recently issued a lukewarm verdict on passkeys as an authentication solution. We explore the problems with WebAuthn, including account recovery, spotty availability, inconsistent implementation, and lack of…
We define multi good factor authentication, which is the idea that not all authentication factors are equal. We discuss the importance of considering authentication strength and the contextual nature of trust.
Cybersecurity isn’t all or nothing. Incremental improvements, like automation and shorter SSL/TLS lifespans, reduce risk and strengthen defenses.
Not all forms of MFA are equally secure. In this episode, we describe the differences between the more secure and less secure forms of MFA.
Despite years of awareness, basic cybersecurity practices like strong passwords, MFA, and phishing alerts are still essential in our fast-paced world.
White hat researchers have raised concerns about FIDO 2 (AKA WebAuthn). We explain.
New malware photographs users' faces to defeat authentication mechanisms. Biometrics are not "secrets."
A social engineering attack to steal a one-time password (OTP) to enable unauthorized access is further exploited by a cloud backup feature.
Recent high profile attacks that were enabled by defeating MFA. We explain the concept of MFA fatigue and why it is an enabler for these attacks.
Certificate-Based Authentication (CBA), which can replace the need for passwords across the enterprise.
A recent article from Brian Krebs advances the idea that using OTP MFA may actually be a liability to security. We explain that reasoning.
In this episode we clarify the difference between OTP services and passwordless authentication.
A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA. We explain this exploit and why it is noteworthy.
We explore out-of-band phone calling as a MFA method, including, what attacks it defends against successfully, and what attacks can circumvent it.
A new attack allows cloning of the Google Titan secure key. we describe this attack and its implications for Titan and other secure keys.
The SolarWinds supply chain attack i includes unusual manipulations of digital identity and certificates. We explore these aspects of the attack.
In our ongoing examination of MFA, we examine authentication through soft-token OTP (one-time passcode) and compare it to SMS tokens and hard tokens.
Need assistance?
Contact our team for help with your purchase or issuing your certificate.
Live chat
Click the button below or click "Chat with an Expert" to start chatting with us now!
