Tag Archives: Two-factor Authentication

Payment Services Directive

29 Nov

So, Tesco was hacked. Although there is no official word yet on how this happened, the chatter among people far smarter than me are suggesting the issue is related to passwords and the Tesco Club card.

Followers of CyberMatters will recognise that I often blog about password issues. Is there anything new to say on the subject I hear you ask? Yes…  Continue reading

We cannot let passwords die (yet)

4 Aug

I’m getting fed up with marketing that says “Passwords must die” only to present yet another solution that won’t replace them. 

The challenge to solve is ubiquity – this is why passwords have stood the test of time, even with their obvious and proven shortcomings.

Continue reading

Why is my Password Too Long?

26 Jan

Dear Virgin Media

I recently decided it was time to change my password on my NTLWorld email account (managed by Virgin Media).  I entered a new password only to be told “Password too long”. How long was my password? 11 characters. 10 characters are OK apparently. Continue reading

The Smart Home Cyber Security Manifesto

24 Nov

At the Smart Homes and Building Association (SH&BA) “Smart Home Breakthrough Summit” last week, a new Cyber Security Manifesto was unveiled by CONTEXT, a leading European IT market analysis company, and the SH&BA Security Panel. Continue reading

Two-Factor Authentication Phishing

6 Oct

I’ve not blogged on two-factor authentication for a while – the roll out among major providers is encouraging – Come on Amazon and Virgin Media, it’s about time you stepped up.

Continue reading

Smart Card Management – Choose your process carefully

7 Jul

Earlier in my career I had the privilege of working for Intercede, a company supplying smart card management systems. A core capability was the ability to manage the card lifecycle and credential lifecycle (e.g., PKI certificate), as distinct from other systems that manage credentials and placed them on cards without managing the card lifecycle. A part of the sales pitch was if you don’t manage the card lifecycle in the system, you will end up with a spreadsheet to manage the cards.
Continue reading

Does Two Factor Authentication Actually Weaken Security?

11 Jun

Readers of this blog will know that I am a strong advocate of two-factor authentication, commenting on it in various blog articles.

This article by Paul Moore caught my attention this week:
Continue reading

Independent Factors

3 Feb

Two-factor authentication and two-step verification are different things.
They are remarkably similar in concept, the difference being the trust model.
Continue reading

The Day the Technology and Entertainment News Headlines Were the Same: Hackers and Nude Celebs

8 Sep

You will no doubt have seen by now the news that naughty photos of celebrities have appeared on the internet.

It’s the story that has everything – cyber security, the dangers of the cloud, online safety and a little bit of smut thrown in for good measure.

Continue reading

Changing 40+ Passwords: Supplementary

22 Jul

In a previous blog series, I described my fun, games and gripes at changing 40+ passwords. Soon after the blog was posted, it struck me – there are yet more to change…

Continue reading