Video Screencast Help
Authentication (User) Blog
Showing posts tagged with two-factor authentication
Showing posts in English
vipmobile | 26 Jan 2009 | 0 comments

It seems like every day there's another headline about a major site being hacked with stolen usernames and passwords. Today it's Monster.com, which has compromised the passwords and personal details of thousands of recruiters and job seekers.

How many more of these breaches will it take for people to realize that just plain passwords aren't good enough?

Vicente | 06 Jan 2009 | 0 comments

I always find it interesting the way old scams are redressed for new and emerging channels.

That was the case during the last few days when Twitter users and employees found themselves under attack by phishers and hackers: follow these links to find a good account of the former and the latter.

Today I'll talk about the phishing attack, which consisted in luring people to give away their twitter passwords to a fake site, the novel aspect is that it used twitter-generated messages (Direct Messages) to propagate to your list of contacts (Followers).

This is all pretty similar to what we have seen with phishing via e-mail, but with two key differences:

- The first one is that e-mail phishing is a "mature product" where phishers are one...

vipmobile | 05 Dec 2008 | 0 comments

This just in from the Washington Post: CheckFree, a major online bill payment site with over 24 million customers, had their domain hijacked and redirected to a site that tried to install malicious software on users computers. This all happened because criminals stole the username and password for CheckFree's domain management account at Network Solutions.

Clearly the criminals who perpetrated this attack should be caught and prosecuted, but isn't it sad that such valuable assets are protected by just a simple username and password? If you run a website, your domain registrar has the keys to your online castle -- how could this not be protected by strong two-factor authentication?

vipblog | 24 Nov 2008 | 0 comments

Today PayPal launched mobile access for its Security Key. This means that along with the traditional token and credit card form factor, PayPal Security Key users can now get their one time password (OTP) texted to their mobile phone. This is very cool, especially if you're one of those people who use your cell phone for everything--phone, email, text, Internet, GPS, camera...and now you can use it to protect your accounts online.

The new SMS OTP for the PayPal Security Key is available to customers in the U.S., Australia, Austria, Canada and Germany. PayPal does not charge for the OTPs texted to mobile devices. To use the service, customers need a mobile device and wireless service set up to receive SMS text messages. It's that simple.

The PayPal Security Key is part of the VeriSign Identity Protection (VIP) Network. As part of this network, consumers can use the OTPs to protect their accounts on a variety of financial services and e-commerce Web sites like eBay,...

vipblog | 29 Oct 2008 | 0 comments

Organizations around the world are deploying VeriSign® Identity Protection (VIP) services to stop fraudsters from tricking consumers into revealing sensitive private information. VeriSign Identity Protection service's one-time-passwords (OTP) are one element of a layered security approach. Other layers include Web site security brought by an Extended Validation (EV) SSL Certificate, fraud detection services to monitor anomalies on the back end, and consumer education.

The VeriSign Identity Protection Network allows consumers to use a single security device to authenticate...

vijai | 21 Oct 2008 | 0 comments

You may have read the news over the weekend that cyber thieves raided Sarkozy's bank account and began stealing small amounts of money frequently. This marks the second high-profile online account break-in in recent weeks where an e-criminal broke in through the user name and password security function (the Palin email hack was the other). Consumers need to take full responsibility and control of their online accounts by securing them with an added layer of security, beyond a username and password. With more and more consumers putting their identities online, this type of account break-in will continue if we continue to use simple usernames and passwords. One such way to strongly secure an online account is the use of one-time passwords, also referred to as two-factor authentication. Some banks have already started rolling such measures to their customers. The...

vipmobile | 19 Sep 2008 | 1 comment

The recent news about how Vice Presidential candidate Sarah Palin's Yahoo email account was hacked makes it clear as day that we need better security for web based email, and we need to close the giant loophole of "password reset". Web email often gets lumped into the bucket of "low value" accounts, so system designers pay little attention to the security of its authentication systems, but it often contains our most personal details. How many more high-profile account takeovers are we going to see before people take account security seriously? Come on folks, usernames and passwords just don't cut it anymore, and the problem isn't just limited to financial sites.

This incident also makes it abundantly clear that system designers need to take a holistic, layered approach to security....

Tim Callan | 09 Sep 2008 | 0 comments

Today we announced that the American Bankers Association will be joining the VIP Network. We are very excited about this on many levels. Getting VIP credentials into the hands of 350 member banks creates a huge opportunity for VeriSign and makes this much more convenient for their users. ABA Members will have first hand experience with strong authentication on tools they use every day. And as this protection rolls out, ABA member banks will witness how easily they can deploy strong, two-factor authentication, and how convenient it is for their customers. We look forward to working with the ABA. Welcome to the network!

vipmobile | 12 Aug 2008 | 0 comments

Network Products Guide just announced we won the Reader Trust Award for Best in Multi- and Second-Factor Security. We're putting it in our trophy case right next to the Product Innovation Award in the Consumer Application or Service category. This is great for companies making decisions about two-factor authentication for their customers -- they might want to know the industry thinks highly of VIP.  It's also great for the team here at VeriSign working on VIP to see all their efforts to create a great product payoff with an award like this. So thank you, Network Products Guide, from the team at VeriSign. Here is the ...

vipblog | 02 Jul 2008 | 0 comments

We asked people on the streets of San Francisco about what they do online, how many passwords they have, and whether they think their personal information is safe.

"Any bill that I pay, other than my rent, I pay online"
"There's probably a lot of sites out there that have my personal information."
"Sometimes even with secure sites, hackers get through"

"Every time I use a credit card, I hope that's the only place it gets used."

Find out how VeriSign can help keep your online identity safe.