    • Authentication




      Internet Evidence (Part I: Authentication)
      Technology’s pervasive reach and society’s mounting dependence upon it has weighty implications for evidence jurisprudence. As individuals continue to use the Internet as a means of commerce, personal expression, and social interaction, the Internet has become an increasingly important source of information pertaining to those personal and business transactions. When...

      Written by: E-Commerce Law


      How authentication works between web server and Browser
      When a particular resource has been protected using basic authentication, Apache sends a 401 Authentication Required header with the response to the request, in order to notify the client that user credentials must be supplied in order for the resource to be returned as requested. Upon receiving a 401 response header, the client’s browser, if it supports basic authentication, will ask

      Written by: Complete Dose of Linux Poison


      Ruby Plus #20: Extended RESTful Authentication Rails 2.0 App
      This is a mini Rails app that uses RESTful authentication and Acts As State Machine with the following features: Signup, Account Activation, Login / Logout, Forgot Password, Reset Password, Change Password. The code is available from Google Code.

      Written by: Best Tech Videos


      Multi or Two Factor Authentication Project
      Quite some time ago I put together a proof of concept illustrating the relative simplicity by which a multi factor authentication system, sometimes referred to as two factor authentication could be established for web services. My basic design concept was to use server-side technologies to create and store an authenticated session key having achieved strong authentication with the client browser.

      Written by: Poscribes - The ramblings of David Evans and friends


      Managed Authentication Offers Password-Policy Option
      CRYPTOCard IT Security - San Francisco, CA, USA, June 20, 2008 - Vendors selling managed authentication services, however, offer a third choice for password management: have a third-party company take over the chore of running a two-factor authentication system. DC Energy's Experience: DC Energy, a proprietary trading firm that invests in energy markets, opted for the managed approa

      Written by: CRYPTOCard News


      How To Set Up WebDAV With MySQL Authentication On Apache2 (Debian Etch)
      This guide explains how to set up WebDAV with MySQL authentication (using mod_auth_mysql) on Apache2 on a Debian Etch server. WebDAV stands for Web-based Distributed Authoring and Versioning and is a set of extensions to the HTTP protocol that allow users to directly edit files on the Apache server so that they do not need to be downloaded/uploaded via FTP. Of course, WebDAV can also be used to up

      Written by: Server Tales


      Squid Password Authentication Using NCSA
      You can configure Squid to prompt users for a username and password. Squid comes with a program called ncsa_auth that reads any NCSA-compliant encrypted password file. 1) Create the password file. The name of the password file should be /etc/squid/squid_passwd, and you need to make sure that it’s universally readable. # touch /etc/squid/squid_passwd # chmod o+r /etc/squid/squid_passwd 2) Use

      Written by: Complete Dose of Linux Poison


      What is Challenge Handshake Authentication Protocol (CHAP)
      Approaches to authentication such as username and password are done only once, at the point that the user logs into the system. An alternative to this approach is provided by the Challenge Handshake Authentication Protocol (CHAP) which repeats an authentication procedure at random intervals during an ongoing connection between a client and a service. The CHAP authentication scheme is used primarily

      Written by: Complete Dose of Linux Poison


      Authentication using LDAP
      To access the LDAP service, the LDAP client first must authenticate itself to the service. That is, it must tell the LDAP server who is going to be accessing the data so that the server can decide what the client is allowed to see and do. If the client authenticates successfully to the LDAP server, then when the server subsequently receives a request from the client, it will check whether the clie

      Written by: Phproxy Themes And Guide


      CRYPTOCard and Interoute partner to offer CRYPTO-MAS (Managed Authentication Service)
      Ottawa, Ontario, May 16, 2008 - Two-factor authentication vendor Cryptocard has unveiled Interoute as the first pan-European recruit to its managed authentication service partner programme. Interoute will push Cryptocard’s CRYPTO-MAS managed service offering to its install base of 20,000 corpor

      Written by: CRYPTOCard News


      CRYPTOCard provides strong authentication and identity management to Interoute clients
      SecurityPark.net Ottawa, Ontario, May 12, 2008 - CRYPTOCard and Interoute have announced a strategic partnership to deliver a new form of strong authentication and identity management to Interoute's client base across the globe. CRYPTOCard's Managed Authentication Service (CRYPTO-MAS) will help Interoute's clients reinforce their identity management systems by eliminating a major IT

      Written by: CRYPTOCard News


      SQL SERVER 2005 - FIX Error: 18456 : VISTA Windows Authentication
      In a previous post I mentioned SQL SERVER 2005 - Vista Ultimate and SQL Server 2005 DEV Edition. There was one simple issue with the installation. I was not able to log in using the Windows authentication method. I was able to successfully log in using the sa username and password. I kept on receiving the following error. TITLE: Connect to [...]

      Written by: Journey to SQL Authority with Pinal Dave


      sshpass - Non-interactive ssh password authentication
      SSH’s (secure shell) most common authentication mode is called “interactive keyboard password authentication”, so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard. Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in.

      Written by: Server Tales


      Add two-factor authentication to Google Apps for your Domain using open source software
      Some time back, while surfing the net, I came across this posting giving step-by-step instructions to add two-factor authentication to Google Apps for your Domain using open source software. Two-factor authentication is important as most of us travel these days and increasingly use public Wifi networks - exposing ourselves to middle of work attack. Google has provided paid options for two factor auth

      Written by: Google Apps Today


      Northern Ireland health body chooses Two-Factor authentication
      ITPro - Europe, May 01, 2008 - The Northern Ireland Department for Health, Social Services and Public Safety (DHSSPS) chooses Cryptocard to safeguard remote access and system administrators. Read more...

      Written by: CRYPTOCard News


      An Example of User Authentication System in PHP II
      This is a short follow-up of the last post, An Example of User Authentication System in PHP. In this post we’ll talk about the two methods of form sending, GET and POST, and how they affect the way data is sent. From the previous post's example, when we provided the username and password and clicked on submit, we saw something like this: If you look at the address bar, you can see the data (username and password) being sent. Now, that’s not a good thing; if we are using a password box to hide the password being entered, then what is its use if it can be seen this way! The good thing is that with very few modifications, the data passed can be made invisible (not to appear on the address bar). How? By using the POST method of data sending for the HTML form. It

      Written by: Learning Computer Programming


      Writing custom basic authentication plugin for squid in python
      Mission: To write a Python program which can be used to authenticate for Squid proxy server. This is useful when you don't want to configure complex systems like LDAP, ntlm etc. Use cases: when you want to authenticate clients using a MySQL database; when you want to authenticate clients using flat files or the /etc/passwd file or some custom service on your network.

      Written by: Fedora India - Open Source Open Minds


      An Example of User Authentication System in PHP
      In this post we’re going to create a very simple user authentication system in PHP. It’d be like the ones you see while logging in to various sites/services (emails, forums, social networking sites etc). User authentication is a way for sites to know who you are among the other registered users and to show you relevant content (maybe confidential). For example, it’s only you who is authorized to see your emails because only you know your authentication information. In this post we’re going to create two files, an HTML page which will collect the username and password in a form. This information will then be sent to a PHP script, which will verify it and show the required information. Below is the PHP code: <?php //define some constants

      Written by: Learning Computer Programming


      Mobile Authentication at RSA Data Security Conference by Clickatell: Is this the future?
      We are always up for good news and new press releases and this release will be interesting to some but then again not to others, but here goes anyway. Clickatell who are a global provider of mobile messaging solutions and anything to make our lives better has to be thought about. Please read the full [...]

      Written by: Phones Review


      Jason Hart speaks out on Computer Reseller News UK – the opportunities for resellers to drive two-factor authentication to the SMB market
      CRN Channel Web Ottawa, Ontario, April 04, 2008 - Take two factors into consideration when selling. As a target market, they do not come more attractive than the extensive SME (Small to Medium Enterprise) community. Accounting for over 99 per cent of all UK organisations, and over 51 per cent of the UK’s estimated business turnover, as a collective the humble SME presents a goldmine of opportunity for resellers that is still going untapped. To take advantage of this burgeoning SME market opportunity, the profitability and longevity of your business is dependent on getting as large a share as possible of each customer’s IT budget. In order to do this you need to identify and act on every cross-selling or up-selling opportunity. If a prospective customer is in the ma

      Written by: CRYPTOCard News


      CRYPTOCard Adds SMS Token To Innovative 2FA Managed Authentication Service
      NewsBlaze, Daily News Ottawa, Ontario, April 04, 2008 - CRYPTOCard Adds SMS Token To Innovative 2FA Managed Authentication Service Stroud & Swindon Building Society Among First to Implement New SMS Functionality Within Existing CRYPTO-MAS Strategic Investment CRYPTOCard, a leading developer of two-factor authentication (2FA) technology for multi-vendor environments, has today launched in the UK its new SMS Token as part of the CRYPTO-MAS Managed Authentication Service portfolio.  The SMS token offers the flexibility of CRYPTOCard's existing two-factor authentication tokens - which are widely regarded as the most secure available - and additionally addresses the need for greater portability, affordability and simplicity, particularly among an enterprise's distributed

      Written by: CRYPTOCard News


      Glossary: AAA - Authentication, Authorization and Accounting
      One of the most used acronyms in various security-related documents is AAA, for example this Cisco article: AAA - Authentication, Authorization and Accounting. A set of tools, procedures and protocols that guarantee consistent handling of the authentication, authorization and activity-logging tasks of the entities that have access to a system of

      Written by: CRYPTEX - Seguridad de la Informacion


      What are the authentication modes in SQL Server? How can it be changed?
      Windows mode and mixed mode (SQL & Windows). To change the authentication mode in SQL Server, click Start, Programs, Microsoft SQL Server and click SQL Enterprise Manager to run SQL Enterprise Manager from the Microsoft SQL Server program group. Select the server, then from the Tools menu select SQL Server Configuration Properties, and choose the Security page.

      Written by: Technical Interview Questions


      Authentication in IIS
      Authentication in IIS verifies whether a user attempting to access a particular website, can indeed access it. Authentication is the process that verifies whether the user can access the site which he/she is attempting to access. The authentication methods which can be used to authenticate users in IIS 6 are listed below. Each authentication method can be used to authenticate users attempting to access Web sites. However, only Anonymous access and Basic Authentication can be used as an authentication method for FTP sites. Anonymous access: This authentication method is enabled by default for both the Default Web Site and Default FTP Site. Anonymous access allows all anonymous users to access the content of the Web site. Anonymous access is typically utilized for public Web sites

      Written by: Geek Valley


      LEAP - LIGHTWEIGHT EXTENSIBLE AUTHENTICATION PROTOCOL
      Cisco Systems, Inc. has developed the Lightweight Extensible Authentication Protocol (LEAP), sometimes known as “EAP-Cisco Wireless”. LEAP provides two important security features. Mutual Authentication Between Station and Access Point: LEAP requires the mutual authentication between stations and access points. This allows a connecting station to verify the identity of the access point with which it is attempting to associate. At the same time, the access point must verify the identity of the station. The station must present a username and password that will be verified by a LEAP-capable RADIUS server such as the Interlink Networks RADSeries AAA Server. This mutual authentication ensures that only authorized users are allowed access to the network while preventing hijacking of legitimate userses

      Written by: wirelrss lam


      THE LEAP AUTHENTICATION PROCESS
      The Cisco LEAP authentication and key exchange process occurs in three phases. The Start Phase: In the start phase, the supplicant begins the authentication by issuing an EAPOWStart message to the authenticator. The authenticator responds to the supplicant with an EAP-Request/Identity message. The supplicant responds with an EAP-Response/Identity message that delivers its identity to the authenticator. Figure 2 – The Start Phase. The supplicant (client) sends an EAPOL-Start message. The authenticator responds with an EAP-Request/Identity message. Finally, the supplicant responds with an EAP-Response/Identity message which contains the identity of the user. The Authenticate Phase: The Cisco LEAP authentication is a mutual authentication method. The Authenticator (Access Point) relays EAP messages to

      Written by: wirelrss lam


      Error Opening MOSS 2007 Forms Authentication Site in SharePoint Designer
      If you try to open the Forms Authentication enabled site in SharePoint Designer it will throw the following error: The folder '' isn't accessible. The folder may be located in an unavailable location, protected with a password, or the filename contains a / or \. Designer cannot open the site because the site is using custom authentication. There are two workarounds for this issue. Approach 1: While logging in to the forms authentication site, check "sign me in automatically" (it will cache the credential and it will load the Designer). Approach 2: Extend the existing Forms Authentication enabled web application to a Windows authentication application. Now the Windows authentication enabled web application can be opened in SharePoint Designer using Windows authentication. My recommendation would be Approach 2

      Written by: Uday's Tech Home for Microsoft Technologies


      Password protect a page using HTTP Authentication in PHP
      Have you ever been through cPanel? When you open the cPanel link, you can see a pop-up which asks you to enter a user name and password to log in. Well, in my article I'm going to show you how you can build the same kind of page-protecting mechanism using HTTP authentication in PHP. Somebody might say that I can also protect the page by making a login page to access the protected page. Well dude!! You are right, you can do that, but the main benefit of this method is "you don't have to create the login page at all". Let's start. First of all, store the user name and password in the variables $auth_user="urusername"; $auth_pwd="urpassword"; For better security, please store these values in a database and authenticate from the database. Now let's create the HTTP authentication function called authenticate() using the header() function available in PHP. function authenticate(){ header('WWW-Authenticate: Basic realm="Enter Your Login detail to add money"'); header('HTTP/1.0 401 Unauthorized'); echo "You m

      Written by: PHP And Ajax Related Useful Resources and Codes


      Authentication technology aimed at SMEs
      MicroScope Magazine (www.microscope.co.uk), December 10, 2007 - Reseller perceptions that authentication is a complex and expensive enterprise sell are going to be challenged, with the technology increasingly being aimed at the SME arena. A handful of players operate in the market, including RSA and Vasco, with the traditional focus on the enterprise and financial sectors. Jason Hart, senior vice-president for Europe at CRYPTOcard, said...   Read More...

      Written by: CRYPTOCard News


      Mobile Phone: Bar Code Authentication Services
      Now mobile phones can be used as a bar code reader too, thanks to the technology provided by the Asian mobile messaging gateway MacroKiosk http://www.macrokiosk.com/, which has provided the platform for the SMS barcode authentication system! It's known as Mobile Authentication Services (MAS), and makes it possible for mobile phones to be used as a bar code scanner and to authenticate online ticket purchases or other such things, or to collect reward points etc. MAS combines 2D barcode & GSM picture technologies! It converts the text or picture messages into a 2D barcode, which can then be sent to cell phones through text messaging, SMS, WAP etc. It's a totally secured system and each bar code is unique, being the one and only one on the whole of this earth at the time! Ref.: http://star-techcentral.com/tech/story.asp?file=/2006/8/29/prodit/20060829190649&sec=prodit http://www.textually.org/picturephoning/archives/2006/08/013376.htm

      Written by: Talkfree7


      Jump Over Website Authentication System with a Single Mouse Click!
      By-pass the login process. The website authentication system could be very annoying when you want to access certain information rapidly and you do not remember the login details or you do not have a login account. Did you think about the existence of a possibility to enter a password protected website without typing in a login name and a password? But without having a login account? These two questions have a straight answer: it is possible to by-pass the login process when websites have an authentication system used to control users' access to certain resources. In the first situation, when you have a login account but you forgot the username and password, enabling cookies in your web browser can help you. Every modern web browser provides options for cookies management in the privacy settings area. By enabling cookies in your web browser, next time you go on a password protected web site, the login process will be by-passed and you will be redirected to the desired page, because the cookie will

      Written by: v6 Online Free Game, Patch and Trailer Downloads


      Windows LiveID Authentication
      I read on Luis Daniel Soto's blog that the release version of Windows LiveID Authentication is now out. I was running some tests, requested my AppKey and everything, but it turns out that the only thing it sends you is a token of 16 digits or so, and that's it. At first I thought that with this service I could forget about creating a registration for EM, or rather, I would remove that part; since I am not using Membership, I thought it would be code that would clean up the application, but honestly it does not even send back the person's first and last name. I was reading the documentation and, curiously, the web service can send me back their contacts but not their information; I would not like to put "Hello 124128374128, welcome to our site" in the application... :S I will give it a second look

      Written by:


      ClassifEye's Biometric Authentication for Cell Phones
      Israel based ClassifEye developed new fingerprint authentication technology that can be installed on any mobile phone with a camera, eliminating the need for additional hardware and therefore reducing costs and accelerating distribution.

      Written by: FeedTheBull | Stock Market News with a Voice!


      VOIPSA: SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud
      VOIPSA has posted a message on its VOIPSEC mailing list about "Breaking SIP for fun and toll fraud". From the mailing list: "In this post, we would like to inform about a potential Authentication vulnerability in SIP, where all SIP equipments using Digest Access Authentication which can issue re-INVITEs are vulnerable. The problem lies in an attack scenario, where a called device can be triggered by a calling party to issue a re-INVITE. Such cases appear when either a phone is put on hold. More general, this is possible whenever a target refresh within a dialog takes place. The impact is that Toll-fraud, Call-ID spoofing, etc. are possible, allowing a third entity to call on behalf of a victim. The victim is accountable in this case for the call. To our knowledge, we don't know if neither the IETF nor anybody else has addressed this issue yet. THIS IS NOT THE KNOWN ISSUE OF MAN IN THE MIDDLE. THE MAIN NOVELTY IS THAT AN ATTACKER CAN TRIGGER A re-INVITE FROM A CALLED PHONE AND REQUEST IT TOAU

      Written by: VoIP IP Telephony


      XSS, Cookies, and Session ID Authentication
      Cross site scripting (XSS) errors are generally considered nothing more than a nuisance — most people do not realize the inherent danger these types of bugs create. In this article Seth Fogie looks at a real life XSS attack and how it was used to bypass the authentication scheme of an online web application, leading to "shell" access to the web server. Cross site scripting (XSS) attacks are often seen as a powerless hack. While this is true in some cases, for the most part the impact of an XSS vulnerability is left up to the imagination and talent of the attacker. In this article I am going to look at a real-life XSS attack and how it was used to bypass the authentication scheme of an online web application I was asked to test. In this case, the XSS led to "shell" access to the web server — anything but harmless. The XSS Vulnerability: The target in question had a user/password entry screen, which is fairly standard as far as web applications go. Figure 1 provides a screen sho

      Written by: future of hacking


      NextGen Credit Card with Integral Keypad Offering Secure PIN Authentication
      Heralding what may transpire to be the next line of defence against the ever persistent curse of electronic banking and credit card related fraud, this credit card, developed by Innovative Card Technologies in collaboration with eMue Technologies, comes complete with its own on-board keypad, embedded display unit and integral microprocessor allowing for card based PIN authorisation. Known as the Credit Card Embedded Authentication Device, the smart credit card comes with a number of modes offering PIN authenticated single use and even remote card validation via authentication servers allowing for more secure web based transactions. Of course, whilst this device undoubtedly offers considerable security benefits (certainly in relation to internet shopping) one problem remains – and that is that, should someone else know your PIN then this technology will be rendered wholly redundant. Which leads us on to wondering whether, in a bid to gain your PIN in order to use such cards, devices

      Written by: Thoughts from the Sidelines


      Understanding Email Authentication
      If you are an email marketer, whether using a service provider or an in-house solution, you’ve no doubt heard the term email authentication lately. With spam and identity fraud via phishing and spoofing showing no end in sight, many Internet Service Providers (ISPs) have turned towards stricter ways of handling/accepting bulk emails to stop such nefarious practices. Unfortunately, as often happens when a group of technology companies try to create new policies, several different standards have emerged, leaving the email marketer with the unenviable task of trying to make sense of it all. With that in mind, here’s a quick and easy overview to help you sort through the weeds.

      Written by: Digital Marketing Blog


      CRYPTOCard’s European CEO Launches Two-Factor Authentication Blog Spot — ‘Jason Hart
      Ottawa, Ontario, Canada, September 17, 2007 - Jason Hart, CRYPTOCard’s European CEO, has launched a new Security Blog at www.twofactor.blogspot.com. Mr. Hart’s Blog features personal views and comments on two-factor authentication from the CEO of a prominent high-tech security company. This distinction, coupled with his experience as an ethical hacker, arms Mr. Hart with astonishing insights on current security threats and the solutions available to alleviate them. Read the full story...

      Written by: CRYPTOCard News


      PostgreSQL authentication
      When PostgreSQL is installed, it has its own user added, usually postgres or pgsql. By default, just this user will be able to connect to a database, and without a password. If you are running as root, you can su to the postgresql user using ‘su - postgres‘, then run ‘psql databasename‘ to connect. You may want to allow other users to connect with a password, or possibly you’d like to disable the postgresql user from connecting without a password. To do this, you need to edit pg_hba.conf, located in /var/lib/pgsql/data. For example, to require postgres to log in with a password and only from the local machine, use the following line in pg_hba.conf: local all postgres md5 This means: on the local machine allow access to all databases for the postgres user with a password. If you wanted to allow all users from host 10.2.4.100 to connect to database foo with a password, you would do: host foo all 10.2.4.100 255.255.255.255 md5 For your changes

      Written by: Spry Blog


      Oracle Authentication Services for Operating System
      Anyone who has used Oracle Application Server before will have seen that OID comes with the installation of the Infrastructure part. The main job of this OID is to store the usernames and passwords of the various applications used in Application Server, as well as to perform authentication. Today I looked at the OID information on OTN and found that Oracle has released an OID for OS-level authentication, whose full name is "Oracle Authentication Services for Operating System Tech Preview". Note that it is still a Tech Preview, meaning it is not yet the full release, but

      Written by: oracle-java


      How Secure Is HTTP Basic Authentication?
      With basic authentication, your server has identified who the client user is by means of a user ID and password. How sure can you be that the user really is who he claims to be? To answer this you have to consider the ways in which the ID and password may have been compromised: The user may have voluntarily given the ID to another person. The user may have written down the ID, and someone may be using it without his knowledge. Someone may have guessed the password. Someone may have intercepted the user ID and password between client and server systems. The first three possibilities are problems which occur in any password-based system. The normal response to such issues is to suggest better user education and password rules. This is quite reasonable, and can be effective within a single enterprise, where you have some control over the users of the

      Written by: internet security software


      No browser supporting socks5 authentication?
      If you’re trying to use a socks server with Internet Explorer, Firefox, Opera or Safari everything will work just fine, except for authentication. From my point of view this is a big problem. Who in the world would leave such a proxy server unprotected? Yeah, of course you can always limit access to a proxy server based on IP address, but in some cases (see NAT) this is just not going to work. Internet Explorer supports only the socks4 protocol, which doesn’t even support full password authentication (only username, and it defaults to the current logged in username). Firefox supports socks5 but no authentication mechanism, so supporting socks5 is pretty much useless. I think I saw some ticket in bugzilla about this but no one managed to commit a fix yet. Opera doesn’t even support the socks protocol but I thought I should mention all major browsers. Safari supports SOCKS5 and even allows you to set a username and password to access the SOCKS server but it does not us

      Written by: Patches and Hacks | Patchlog


      Google AdSense Launches Site Authentication Feature
      The Inside AdSense blog announced that they have launched a new feature named "Site Authentication." The Site Authentication feature enables you to give the AdSense crawler access to your password protected pages. All you need to do is provide AdSense with a username and password. Then the AdSense crawler will gain access to those protected pages and be able to serve up relevant ads based on the content.

      Written by: Unofficial Google Adsense News


      CRYPTOCard’s simple 2-Factor Authentication ideal for business
      Financial Times, July 22, 2007 - CRYPTOCard, a technology developer for heterogeneous environments, said its Asia Pacific distributor, Syntellect and Sri Lanka’s EDIsrilanka have been instrumental in furthering the rapid growth in demand for its two-factor authentication technology in Sri Lanka. “As CRYPTOCard’s simple and cost-effective two-factor authentication makes sense from both a security and business perspective, it has proved to be an ideal fit for Sri Lankan businesses looking to eliminate unauthorized system access due to weak static passwords,” the company said in a press release. CRYPTOCard makes it simple to positively authenticate all users attempting to access a VPN or Web-based system by coupling something in the user’s possession (a multi-function smart card, USB dongle token, hardware token, or software token), with something they know (their PIN). Developed to meet real-world requirements – where Linux and Mac work

      Written by: CRYPTOCard News


      Wireless Encryption, Authentication and Segmentation in Brief
      As I said in the topic “Why Hacking Wireless Network?”, however much wireless systems are at risk of being hacked, we probably cannot avoid using them. So in this topic I would like to explain the basics of wireless security to give a clearer picture. Encryption: because wireless means sending all kinds of data through the air, we have no way of knowing whether the people walking past in the vicinity of the organization

      Written by: Sam's Blog [The penetration Tester]


      Iris authentication security for flash drives
      This is the Irkon Flash Memory, which uses iris recognition to gain access to the data stored on it; this is recognized as being much safer than password or even fingerprints. The device comes in 1 gb, 2 gb and 4 gb which is a great choice depending on what you are intending to store on the drive. Features: Luxurious design and excellent portability Fast and accurate operation by iris authentication User registration for up to 20 Iris templates (256-bit iris template encryption) Easy to use : Plug and Play via USB port Available flash memory capacity : 1GB / 2GB / 4GB Power recharged via USB port Tech Specs: Recognition Time - 2 sec. or less Max Registration data - 20 irises Eye image capturing range - 6Cm USB interface - USB v 1.1 and above Input power - Rechargeable battery & USB power Operating temperature - -5 ~ 40°C Operating humidity - 20 ~ 95% False Reject Rate (FRR) - 0.1% (1/1000) False Acceptance Rate (FAR) - 0.000083% (1/1200000) Dimensions - 30 (D) x 88 (W) x 12 (H) (

      Written by: Zedomax


      Benefit Allocation Systems Leverages CRYPTOCard User-Friendly Two-Factor Authentication To Secure Physical and Network Access
      CRYPTOCard’s Smart Cards and Tokens Help Benefit Allocation Systems Meet HIPAA Compliance Regulations Ottawa, Canada and London, England, May 31, 2007 - CRYPTOCard is proud to announce that Benefit Allocation Systems, a major provider of integrated, comprehensive benefits and human resources outsourcing solutions, has implemented CRYPTOCard’s two-factor authentication to positively identify users attempting to access the building or the network.  By positively authenticating all users, CRYPTOCard has helped ensure that Benefit Allocation Systems meets the strict security requirements of the Health Insurance Portability and Accountability Act (HIPAA). Read More...

      Written by: CRYPTOCard News


      Remote Access Two-Factor Authentication
      I've decided to proceed with the 25 user ActivIdentity starter kit for the two-factor authentication. The decision on ActivIdentity has primarily been driven by recommendation by multiple vendors and the easy point of entry for me, the decision to go ahead has been driven by the likely need to hand over our VPN secret key to a third party at some point. We can, and will, switch on username/password authentication but that's not enough as users may share details. I need the token - the tokens with the starter pack will be the keychain tokens. I am anticipating quite a cultural challenge in implementing this technology and I need to decide where best to deploy the various components on our infrastructure - but that's the fun of the job.

      Written by: Jason Slater Weblog


      Taiyo Yuden (USA) Installs CRYPTOCard’s Two-Factor Authentication To Secure Remote Access To Its Cisco VPN
      CRYPTOCard’s Tokens Meet All Taiyo Yuden’s Authentication Requirements at a Perfect Price London, England and Ottawa, Canada, May 17, 2007 - CRYPTOCard is proud to announce that Taiyo Yuden (USA), world leader in materials and electronics technology, has implemented CRYPTOCard’s two-factor authentication to secure remote access to its Cisco VPN.  Taiyo Yuden’s 95 remote users and outside consultants can now gain simple “One-PIN-and-You’re-In” secure VPN access from Windows XP Professional laptops via CRYPTOCard’s ST-1 software token. Read More...

      Written by: CRYPTOCard News


      SQL Server 2005 - Security (Authentication)
      In this installment of our series covering new and improved functionality of SQL Server 2005 Beta 2, we will focus on the topic of security, which has been becoming increasingly prominent among the issues on every database and system administrator's agenda. A new approach to software development started with the Trustworthy Computing initiative launched in early 2002, necessitated by the growing number of exploits directed at the Microsoft operating system and applications, resulted in a "secure by default" product with highly customizable security features further increasing the degree of protection. We will start with the features related to authentication (the process of identifying logins connecting to the SQL Server and users accessing databases), and continue with authorization (determining the level of permissions granted once the initial connection is established) and encryption in the future articles. In particular, we will cover here, password policy implementation and manag

      Written by: Web Technologies


      CRYPTOCard And Scorpion Software Praised By Susan Bradley For Providing First Strong Two-Factor Authentication For Microsoft Small Business Server (SBS)
      "Now security for sensitive information is clearly within reach for all sized firms," noted Microsoft SBS expert, Susan Bradley Ottawa, Ontario, April 19, 2007 - Susan Bradley praises Scorpion Software’s AuthAnvil, based on AuthEngine, for making two-factor authentication feasible for businesses working on Microsoft SBS. Read more...

      Written by: CRYPTOCard News


      Adobe Photoshop CS3 Tools for Photo Authentication
      Adobe Systems’ Advanced Technology lab has developed two tools for image authentication. Clone Tool Detector, which determines whether a section in a picture, has been recopied from another part of the picture. It is difficult to predict if two images are cloned, but this tool will say if they are “improbably similar”. Truth Dots, determines whether pixels are missing from a photo, a sign that the image has been cropped. This cannot be detected by the human eye by zooming the images. These plugins could be added in the new version of Photoshop, called CS3, which will be announced at the end of March. If so, it would be great for sites like eBay where bidders/buyers can distinguish between real and copied/altered images or for image copyright issues proliferating on the internet!

      Written by: MandarinMusing: Web 2.0 Technology Resources


      Windows Vista Remote Desktop Authentication Certificate Error
      For some time now I’ve been trying to use Windows Vista’s Remote Desktop Connection Application to remotely connect from one Computer with Windows Vista Ultimate installed to another Computer with Windows Vista Ultimate installed on the same local area network and workgroup. But every time I try to connect to the other PC from either the first or second PC I get the following message: “The authentication certificate received from the remote computer has expired or it not valid.” And the thing is I’ve tried pretty much everything from Windows Vista’s Online Help (here) to a Windows Vista Remote Desktop Connection Authentication FAQ post by the Terminal Services Team (here) and lots more… and still no luck! So I’m hoping that someone can help me out here, there has to be someone that has experienced exactly (or very similar) the same problem as me and managed to fix it. Thanks in advance for everyone’s help.

      Written by: Darren Straight's Blog


      Fingerprint authentication on latest Toshiba Smart Phones
      Toshiba isn't really known for bleeding edge cell phones. However, they have recently made a major leap towards a more secure cell phone. I think this is cool and I expect more cell phones to follow. Supposedly, this is the year for mobile device security. There has been mobile device encryption out for some time from companies like PointSec. Also, two-factor authentication has been around

      Written by: Digital Cartel


      Yahoo Site Authentication Metatag.
      Site Authentication using META tags is a new feature introduced by Yahoo. Prior to this Yahoo asked you to upload a file to your blog. Since you can only upload image files to Blogger this feature was not of much use... to bloggers. Google already had a metatag feature to verify your site. See How to submit site to Google. You will now be able to authenticate your site in Yahoo Site

      Written by: Dumies Guide to Google Blogger Beta


      WordPress Authentication Plugin
      WordPress Authentication Plugin requires that a user be logged in to see any page on your blog other than the login and register pages. Installation: Download WordPress Authentication...

      Written by: D' Technology Weblog


      Event-Based Two-Factor Authentication - CRYPTOCard Releases New CRYPTO-Server 6.4 Product
      The Processor, October 06, 2006 - Phishing scams and identity theft both continue to be a rising problem. A user may be targeted with attacks designed to steal his username and password for his computer or for various accounts such as his bank or credit card access credentials. Next to the social engineering of the user, the password itself is the next weakest link in the access credentials security chain. The FFIEC (Federal Financial Institutions Examination Council) has stated that single-factor authentication, such as a password, is inadequate protection and that financial institutions should require two-factor authentication, such as an access token, to protect customers and reduce losses resulting from identity theft. Various other regulatory and legal requirements, such as Sarbanes-Oxley or HIPAA, also mandate some form of two-factor authentication in some cases. CRYPTOCard is one vendor offering a solution for more secure authentication. Unlike other popular aut

      Written by: CRYPTOCard News


      VAR Installs Two-Factor Authentication At Utility Plant
      Business Solutions Magazine, September 14, 2006 - This VAR sold a security solution by applying two-factor authentication to meet maintenance safety requirements. Two-factor authentication, also called strong authentication, sounds complicated, but it’s actually a relatively simple concept. It is a process of confirming an individual’s identity by using two separate methods of identification. Experts describe it as, “Something you have and something you know.” That reference refers to one type of two-factor authentication that uses a token (a key fob or smart card) and a PIN. Typical uses for this type of technology are network authentication, online banking, B2B transactions, electronic commerce, and government security. Not so typical is how security provider Pegasus Technologies implemented two-factor authentication at a utility plant. Pegasus provides IT-based security solutions, many of them based on CRYPTOCard’s two-factor authentication solutions. In one of the company’s mo

      Written by: CRYPTOCard News


      BLACKBERRY TAKES ON NEW ROLE AS AUTHENTICATION DEVICE
      Communication News, August 26, 2006 - Two-factor mobile authentication puts secure ID tokens in the shade. Famed for its popular use as a mobile email device, the BlackBerry is now taking on another role as an authentication tool. Thanks to new software, one-time passwords can now be delivered to remote users on their BlackBerry devices, providing them with two-factor authentication when they login to the corporate network. This means that if users have a BlackBerry device, the IT department does not have to buy secure ID tokens, such as those from RSA. A one-off password is delivered to the user on their BlackBerry when they try to login to the corporate network. This is typed in on their laptop alongside the usual username and password to authenticate the user in the same way that a secure ID token would be used. The software, which is made by Cryptocard - a Canadian company like BlackBerry manufacturer RIM - must be installed on each user's device. Each password is generated

      Written by: CRYPTOCard News


      Software Enables Two-factor Authentication for Apache
      eWeek, November 15, 2004 - A Canadian cryptographic software vendor on Monday announced a new two-factor authentication solution designed specifically for the popular Apache Web server. http://www.eweek.com/article2/0,1759,1727654,00.asp

      Written by: CRYPTOCard News

