Zoom’s New End-to-End Encryption Is Great, But Still It Doesn’t Address Its Biggest Security Issue

by Daniel Waldman, on Mon 18 May 2020

Zoom recently acquired an end-to-end encryption company, beefing up their security. However, the service is still open to phishing, a primary attack vector for hackers. For corporate users the problem can be solved with properly implemented SSO and multi-factor authentication, which is not based on usernames and passwords. But individual and professional accounts still remain vulnerable.

Continue reading

The Dangers of Mobile Single Sign-on (SSO) and How WWPass Can Protect You

by Daniel Waldman, on Tue 18 February 2020

Single sign-on (SSO) has become a popular feature within corporate infrastructures, enabling users to quickly bypass typical security checks to get to applications. In fact, it’s become common for employees to use SSO along with their personal smartphones to log in to corporate applications. However, this scenario has some major security challenges that, if left unchecked, can spell disaster should someone get a hold of employees’ phones.

Continue reading

What You Need to Know about Two-factor, Multi-factor, and Strong Authentication

by Daniel Waldman, on Wed 06 November 2019

How can a company avoid dangerous and costly breaches? One essential method is ensuring that software systems containing sensitive business and customer information are secured with multi-factor authentication. There is a lot of confusion over what that means, though, and what is the difference between two-factor authentication (2FA), multi-factor authentication (MFA), and strong authentication. Let’s take a closer look at these terms to understand how a business needs to best protect its most sensitive assets.

Continue reading

Why PassHub is the Right Alternative to KeePass

by Daniel Waldman, on Tue 03 September 2019

When it comes to password managers for IT teams, KeePass is one of the most popular. That said, KeePass has a number of limitations that counteract both its convenience and its security measures. Here’s a closer look at why PassHub warrants serious consideration if you’re looking for an alternative to KeePass for your IT team.

Continue reading

5 Reasons Your IT Team Needs to Beef Up Its Password Management

by Daniel Waldman, on Mon 19 August 2019

Whether you’re a small business or a Fortune 500 multinational corporation, information security should always be a top priority. Just last year, billions of digital records containing personal information were stolen through data breaches, causing tens of millions of dollars in damages. Compromised or hacked passwords are often at the root of security breaches. If that’s not reason enough to secure your company’s systems with a business password manager, here are 5 more reasons why your IT team should take steps to improve its password management.

Continue reading

How secure is your account with two-factor authentication codes

by Eugene Shablygin, on Wed 08 May 2019

If you wouldn’t give a surgeon’s knife to a lumberjack for chopping down a tree, or an axe to a surgeon for performing surgery, why would you require your users to login with usernames, passwords, and obsolete two-factor authentication when Right Factor Authentication is the right tool for making your online accounts secure?

Continue reading

Why I am not surprised

by Eugene Shablygin, on Mon 18 February 2019

Continuing to use usernames and passwords also known as Human Readable Credentials (HRC) is the definition of insanity. We all know they don’t work, so why do we keep using them over and over again and expecting different results each time?

Continue reading

Not all authentication QR codes are created equal

by Perry Chaffee, on Mon 04 February 2019

QR codes get a bad rap due to all the people who’ve used them incorrectly. However, they can solve the single biggest problem in cybersecurity today when implemented correctly; replacing usernames, passwords, and other unsafe human readable credentials.

Continue reading