Biometrics: A Stepping-Stone To Eliminating The Password Forever

Biometrics: A Stepping-Stone To Eliminating The Password Forever

September 13, 2017 - Once thought of as exotic and futuristic, the use of biometrics as a means of authentication is quickly becoming mainstream. The concept is based on the fact that each person is unique and can be identified by his or her intrinsic physical or behavioral traits. This premise can serve as a powerful security measure, proving extremely valuable to organizations and their employees.

Identity 101: Alphabet Soup

Mike Talon


A Quick Guide to the Top 12 Acronyms in Identity Management

Equifax: The Wages of Reputation Services Acting like Identity Systems

Jeff Nolan, CMO


The news of the massive Equifax data breach broke last week, and the collective shrug of yet-another-data-breach was deafening. The fact that it happened to a credit reporting service that is known for offering identity protection in the wake of other people’s data breaches is ironic, but beyond that, it’s just another in a string of data breaches that have impacted every American by this point.

IDC Perspective: The Death of 2FA and the Birth of Modern Authentication

Two-factor authentication and MFA were certainly significant improvements over the use of passwords for authentication. However, the definition of MFA was born in a different “day” and is based upon technology and approaches that are 20 years old. Technology has changed, so too has the approach of authentication. Technology buyers are strongly encouraged to look beyond the MFA standard for authentication and instead, consider a modern authentication approach.

Confessions of a Password Tweaker - Part 2 (Same s#!t123, different password)

Password tweaking doesn't protect your organization from identity access breaches.
David Ross, VP Research - SecureAuth


The week before last, I confessed to password tweaking.

Recently Troy Hunt released 320 million hashed passwords collected from breaches ( so I thought I’d run an experiment on that data based on common password tweaking techniques. I wanted to see if I could find tweaked variations of a given password in Troy’s data set.

Confessions of a Password Tweaker

David Ross


I have a confession to make. For over twenty years, I’ve been using the same password for most everything. And the worst part is, I thought I was being smart about it.

RIP IOCs: How Machine Learning will Revolutionize IT Security - Part II

David Ross


In my last blog post, I sounded the death knell for indicators of compromise (IOCs) — attributes that implicate an item as being associated with cybercrime. IOCs written for one environment rarely transfer into new environments without lots of false positives and false negatives because what’s abnormal (and therefore an IOC) for one system or user might be completely normal for another user or system, or even for the same user at a different time of day.

SC Magazine Market Focus: Moving from MFA to Passwordless

July 2017: SC Magazine’s Market Focus: Another Paradigm Shifts; Multi-Factor (MFA) might soon forgo the password.

In the 2004 action movie National Treasure, Nicolas Cage needs to guess a not-so-complex password and lift a fingerprint in order to break into the National Archives building and steal the Declaration of Independence. Movies often make stealing two-factor authentication so simple, but is it really that easy? And what if the second factor wasn’t a password at all? Could Cage have broken in?