Authentication

Discontinuing mandatory password rotations, banning outdated MFA methods, and other updates in the NIST SP 800-63 standards for digital account authentication and management.

Recent research describes a method for snooping on what Apple Vision Pro users enter on the virtual keyboard.

Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.

A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.

Based on our analysis of ZKTeco vulnerabilities, we dissect the risks associated with biometric authentication.

SIM swap fraud is back in vogue. We explain what it is, the danger it poses to organizations, and how to guard against such attacks.

Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.

Single sign-on is supposed to enhance corporate security, but it’s essential that cloud vendors have the information security team’s back.

Researchers used a hardware hack to bypass Windows Hello biometric authentication on three different devices. Can you trust this login method?

Everything you wanted to know about Google account passkeys: how they work, why they’re needed, where to enable them, how to configure them, and what storage options are available.

The already impressive list of Kaspersky Password Manager features has been expanded to include a built-in, cross-platform, two-factor authentication code generator.

What two-factor authentication types are out there, and which ones should be preferred.

Which screen-locking method best protects your Android smartphone: PIN code, password, pattern lock, fingerprint, or face recognition?

Proper account security not only reduces the number of cyberattacks on companies — it brings financial benefits too. What needs to be done to reap them?

Android fingerprint protection isn’t that reliable after all: it can be brute-forced even without a copy of your fingerprint.

What multi-factor authentication is, why you should use it, and what “factors” there are.

We review a recent study on biometric authentication that uses breath analysis.

Hackers from Lapsus$ group claim they breached Okta, a major provider of access management systems.

We use raccoons to explain how identification, authorization, and authentication differ, and why 2FA is necessary.

Apple to roll out a system of its own for quick login to websites and apps. Learn what makes it different from similar offers.

How to protect the financial accounts of your clients without scaring them away.