Posts Tagged: authentication

Logging & Top 20 Default Username Attempts

┬áIt’s true to say that default or weak passwords remain a significant cause of compromise and data loss for many organisations. For years, lists of default usernames and passwords have been widely available (and indeed are a useful resource for penetration testers as well as the less ethically motivated). Whilst it’s great to focus on… Read more »

What Isn’t 2-Factor Authentication?

We’re often presented with environments where the PCI DSS mandates that two-factor authentication (2FA) is required. Sometimes, we see implementations that sound like 2FA, but aren’t. What is 2FA? Two factor authentication is a generic term describing a system that strongly confirms the identity of the person trying to gain access. It does this by… Read more »