Video Screencast Help
Authentication (User) Blog
Showing posts tagged with 2FA
Showing posts in English
Teresa Law | 18 Aug 2014 | 0 comments

If anyone needed another reason to be wary of using solely passwords to protect their accounts, the recent report of the Russian cybercrime team that stole 1.2 billion usernames and passwords from 420,000 websites is that reason.  It makes you wonder, 1.2 Billion Login Details Stolen. Time To Retire The Password?

Although the attackers have not sold much of the stolen data, because of our propensity for password reuse the risk is there to cause significant personal damage, fraud, and outright theft.

One of the best ways to protect your online accounts is through a second factor of authentication - that way even if your password is compromised your account is still protected.  Below are some tips to protect your online data:

  • Use strong, unique passwords and never reuse them across other online accounts.
  • Activate two...
Teresa Law | 27 Jun 2014 | 0 comments

Managed PKI Service 8.11 featuring a self-service portal, administrator enhancements, and updated platform support has been made generally available to customers.

Feature Details

Self-Service Portal

Managed PKI 8.11 provides a Self Service Portal that allows your users to manage their own certificate lifecycle operations (such as viewing, enrolling for, renewing, and revoking certificates, and downloading root CAs).  The new self-service portal will not only improve the user experience, no more waiting for the Helpdesk to address their issue; but it also reduces the burden on IT.   Allowing users to address credential management themselves frees IT to address other strategic issues.  This feature is available to all customers who have Enterprise Gateway.

Support for SHA2

This release establishes SHA2 as the default signing algorithm for existing and new accounts to provide the...

Teresa Law | 27 Jun 2014 | 0 comments

VIP Enterprise Gateway 9.5 supporting authentication using VIP Access Push has been made generally available to customers.

You can now use VIP Access Push to access your corporate network through your VPN, in addition to web-based applications and with web service APIs.  The best part is you don’t need to dramatically change your current behavior, you just have one less step in the login process.  When using Push verification it's no longer necessary to enter the 6-digit code at the end of your password- you just enter the same userid and password you’ve always entered, tap the Allow button on your mobile device, and you’re in!

Two-factor authentication is an important piece of any resilient security strategy, providing a second layer of security beyond a simple password helps keep attackers out.   However, two-factor authentication is only valuable if it’s used, so it must be easy.  VIP Access Push makes authentication easy, which in turn...

Teresa Law | 17 Jun 2014 | 0 comments

The release of VIP Access for Android on June 16th is a landmark event, as it is makes use of market leading technology to create a highly secure application. We are certain this is just the beginning of a trend to provide greater security for mobile devices.

We have seen in the distant past extensive use of hardware tokens because of the high degree of security they provide, but you sacrifice the user experience.  With the proliferation of mobile devices users have demanded a more user friendly option – mobile credentials.  Mobile credentials have been embraced by all industries, although certain industries are more security conscious than others: financial, government, and many large enterprises. Mobile credentials provide a high degree of convenience, but for these sensitive applications a higher level of security is welcome; particularly for Android devices. Through the work of Trustonic and Giesecke & Devrient (G&D), VIP is able to utilize a hardware...

Teresa Law | 28 May 2014 | 0 comments

A recent article in the Silicon Valley Business Journal reinforces the fact that the era of the password is over.  We all know passwords alone are insecure, and when used as the only means to secure access can be easily compromised leading to costly breaches.  Google is the latest to offer a stronger form of authentication by planning to get users to verify their identities with a “Login Challenge,” in a bid to prevent unauthorized access across all of its Web services. For example, Google will send users a text message with a verification code, which they will have to use in order to gain access to their accounts. Users will receive the challenge should the login pattern be different from users' previous attempts. The search giant noted that the move to implement two-factor...

MelanieLopez | 16 Jul 2013 | 1 comment

Symantec would like to announce the new update of the Validation and ID Protection Service (VIP), with new functionality for VIP Manager and Enterprise Gateway v9.3.

Three new groups features – user groups, admin groups, and a Super Admin group – in this release provide greater flexibility in policy-driven identity management to meet diverse needs, as well as reduce risk and complexity for keeping administrator rights up-to-date. Additionally, there is now the option to use Device Identification and Intelligent Authentication independent of each other, for added protection as part of a multi-factor authentication policy. These new features and others are available now in your VIP Manager. Please ensure you download the Enterprise Gateway v9.3 update to use these features.

Summary of New Features

  1. Ability to manage credential policies by user group
  2. Ability to manage administrator groups and synchronize with LDAP/AD User Stores
  3. ...
Brendon Wilson | 04 Jul 2011 | 0 comments

 

Last week, the Australian online edition of CIO magazine published a great set of questions your CEO should be asking IT staff about replacing their existing strong authentication solution. Three key questions in the article are particularly interesting in wake of the recent news from RSA:

  1. How much is distributing new tokens going to cost the organization?
  2. When will we receive the replacements? Six months? Twelve months?
  3. Are there any alternative two-factor authentication offerings that are lower cost and more convenient that would save the organization operating expenses without compromising security?

Most organizations seeking to mitigate the potential risk to their sensitive...

vipmobile | 04 May 2010 | 0 comments

Han Dong, Senior Manager - Product Marketing, User Authentication

cloud_apps2.jpg

Thinking of moving your productivity apps to the cloud? Several tech-savvy folk like you have already deployed or are in various states of making the move to leverage an increasing number of enterprise productivity apps that live in the cloud. Just consider the benefits of cloud-apps:

  • Zero infrastructure investment / capital expenditure (for typical server & software installation, on-going care and feeding, etc.)
  • Quick-and-easy deployment and provisioning of applications (no need to install software on redundant servers or on every desktop), including multi-tenant (disparate organizations) sharing of pooled resources (of host CPUs, system failover,...