• Is WEP shared key authentication secure?

    I'm pretty new to the security field and I've been reading up on wireless authentication / shared key authentication. It doesn't sound very secure to me. Basically, here's what I figured out: The station sends an authentication request to the access point. The access point sends challenge text to...

    ITKE407,425 pointsBadges:
  • What are the hardware requirements for implementing the FIDO U2F standard? Are there any issues with backwards compatibility?

    I'm thinking about revamping my personal OP-SEC in the near future but I need to make sure that the security token I get will be backwards compatible with the FIDO standard. Would anyone happen to know of what's required of hardware to implement FIDO U2F standard and if xNT is future-proof? Why...

    ITKE407,425 pointsBadges:
  • Is it ok to use a weak password as long as I have two-factor authentication?

    When it comes to passwords, I'm pretty strong. I never reuse passwords across sites and I try to use two-factor authentication when it's available. But I do realize that typing all those passwords is a problem. A good friend of mine asked me why I don't use a weak password when two-factor...

    ITKE407,425 pointsBadges:
  • My key fob system has been working fine. Is there any need to upgrade?

    I've noticed that my key fob system has been acting slowly but is still working pretty good. Should I upgrade or hold off?

    ITKE407,425 pointsBadges:
  • Are there any particular multifactor authentication issues to consider in the healthcare industry?

    A friend of mine is getting into the healthcare industry has some concerns, particularly when it comes to security. Are there any particular authentication issues that he needs to know about in the healthcare industry?

    ITKE407,425 pointsBadges:
  • How do I generate a Google application-specific password from a shell script?

    I've recently enabled two-factor authentication on Google, but no my Google export scripts aren't working. My computer is verified and trusted but, for some reason, the scripts are not. Basically, every time the CRON job is run, I keep getting this 'Google verification code' and the script fails....

    ITKE407,425 pointsBadges:
  • What’s the best way to generate a cryptographically secure token?

    In order to generate a 32 character token for access to our API, we've been using this: $token = md5(uniqid(mt_rand(), true)); But someone told us that this isn't the best way to secure it and that we should use this instead: openssl_random_pseudo_bytes What's the best way here? Thanks for the help.

    ITKE407,425 pointsBadges:
  • What is the correct way to log out of an HTTP authentication-protected folder?

    Does anyone know of the right way to log out of HTTP authentication protected folder? I understand there are workarounds but they can be dangerous too. Does anyone have a good solution?

    ITKE407,425 pointsBadges:
  • How do I create a SAML authentication request using Windows Identity Foundation?

    I'm trying to use an API to create SAML authentication requests and receive/interpret the SAML responses but I'm not sure of the best way to do this. I've figured out how to receive and interpret the responses. Can someone point me in the right direction on using APIs to create SAML requests. Thank...

    ITKE407,425 pointsBadges:
  • Are there any alternatives to multifactor authentication that protect user information as well?

    Does anyone happen to know if there are any alternatives out there to multifactor authentication that will protect user information as well?

    ITKE407,425 pointsBadges:
  • What does RESTful Authentication mean and how does it work? 

    Does anyone know what RESTful authentication means and how it works? I've been searching but can't find much on it. The only understanding that I have is that you pass the session key in the URL. Am I on the right track here? Thanks so much.

    ITKE407,425 pointsBadges:
  • What are the advantages and disadvantages of using key files for web authentication?

    We have a corporate web mail site (that uses PHP and MySQL) for specific users of our company who are working remotely with the web portal. Each user has a password and login. Now, I'm thinking about replacing using text passwords with a key file. Would this type of authentication be more secure...

    ITKE407,425 pointsBadges:
  • Digital signature and entity authentication

    What is used to create a digital signature?

    michaelasmoah10 pointsBadges:
  • Should I use FIDO U2F even if it is not yet the standard?

    I'm working on a security project for my organization and I'm wondering if I should use Fido U2F even if it's not the standard anymore. I would appreciate any advice.

    ITKE407,425 pointsBadges:
  • Tacacs and authentication on Cisco routers

    We have ACS 3.X server for tacacs + and radius authentication in our LAN switches. Right now I'm able to login through tacacs+ only. I want to enable tacacs+ as well as local telnet login. This will help me to login in switches if the tacacs will fail.

    Ekansh400 pointsBadges:
  • Does multifactor authentication work differently in a cloud-based platform like Windows Azure?

    I'm pretty new to the security field and I was wondering if multi-factor authentication works any differently in a cloud-based platform like Windows Azure? Thanks!

    ITKE407,425 pointsBadges:
  • How does Windows Azure multifactor authentication work?

    Would anyone be able to explain how Windows Azure multifactor authentication work? Thanks in advance.

    ITKE407,425 pointsBadges:
  • Multi-Site, single-domain setup question about? Which DC authenticates login’s?

    I have a single domain/forest setup. I recently created a second site in active directory and added a domain controller to it. Both DC's are server 2003.  At the new site with the new DC, I run the command "echo %logonserver%" on a workstation, and it replies back with the old domain controller...

    Ingram871,285 pointsBadges:
  • Are passwordless SSH logins more secure?

    My friend and I recently had a 'thoughtful' discussion on whether SSH authentication is more secure than authentication using passwords. He always connects to servers with passwords but I prefer to log into our system without having to enter a password every single time. I know he's scared about...

    ITKE407,425 pointsBadges:
  • How do I find which app is causing sign-on issues?

    I've been using Google two-factor authentication on my Galaxy tablet and I keep receiving this notification of a 'sign-in error' for my Google account. My Gmail and other apps are working fine but when I went into my settings on a different computer, and it revoked the application-specific password...

    ITKE407,425 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following