Touch ID and Beyond: Duo’s Plans for WebAuthn
At RSA Conference, we'll announce the general availability of Touch ID as a WebAuthn MFA method in Google Chrome.
50 Articles Found
At RSA Conference, we'll announce the general availability of Touch ID as a WebAuthn MFA method in Google Chrome.
The Department of Homeland Security (DHS) made a curious announcement during the shutdown that had everyone scratching their collective heads ... at first. DHS gave agencies 10 days to get their account security in order, specifically calling out two-factor authentication (2FA) and other protections due to DNS hijacking vulnerabilities.
We've released a set of analytics enhancements to the Duo dashboard to help our customers find information and enable better security analysis; including three new authentication and deployment reports, and an update to our Authentication Log.
This blog post describes a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password.
By juggling different factors to rebalance the risk, you’re employing adaptive authentication: adapting to the current estimated level of risk at the time of login. If you think of authentication factors as being like a hand of cards, you can play the cards that you think are appropriate at each point in your game.