Keycloak Multi-Factor Authentication With Hardware Tokens
Nowadays, when hackers constantly look for vulnerabilities, while more and more aspects of life are being digitized, cyber security is of utmost importance and every app developer has to pay special attention to access management. Keycloak is one of the most ingenious solutions created with app developers in mind. It provides an elegant and easy way for securing modern applications and services. With Keycloak comes an easy to roll out...
4 Reasons Two-Factor Authentication Isn’t a Panacea
Two-factor authentication (2FA) is an indispensable cybersecurity measure used to protect data. Most of the modern information security standards despite the area of application such as PCI DSS, PSD2, HIPAA, etc., demand the multifactor authentication (MFA) among other data protection methods. This approach allows mitigating the danger coming from such attack vectors as brute force password cracking, keylogging, social engineering,...
How to Protect Facebook Account from Being Hacked
Why should you worry about protecting Facebook from hacking Many tend to believe that the security of their social media presence isn’t the first thing worth the effort to work on. You don’t often see a question like ‘How Can I Protect Facebook Account From Being Hacked?’ unless the person making such a request got hacked recently and now seeks the protection based on the bitter experience. What does a hacker get when they hack FB...
Why US, Canadian, and EU Universities Choose Programmable Hardware OTP Tokens
Almost all universities and colleges in the US, Canada, and EU use two-factor authentication to protect their faculty and staff accounts. Quite often they choose in-app 2-factor authentication, which means that one-time passwords are generated on the users’ smartphones. Though, in this case, they face a few issues: Not everybody agrees to use their personal smartphones for corporate needs. Some people still use old models...
Reddit was hacked: how it happened, who the victims were, and why SMS authentication failed
Reddit was hacked. The attackers managed to extract logins, e-mail addresses, passwords (salted and hashed, fortunately), and even a complete list of private messages from users who joined the site before 2007. The hackers were also able to access the e-mail addresses and logins of all users who received the site’s newsletter in June 2018. The SMS authentication failed. The attackers were able to intercept SMS messages...