Security news aggregator

Latest coverage for Authentication

Stay secure online with the latest on authentication techniques, best practices, and industry updates at the forefront of information security.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Authentication confirms the identity of users or systems before granting access to resources, typically using factors like passwords (knowledge), hardware tokens (possession), or biometrics (inherence). It establishes trust boundaries that prevent unauthorized entities from impersonating legitimate users or devices within networks and applications.

Weak authentication enables attackers to perform account takeover, privilege escalation, or lateral movement by exploiting stolen credentials, phishing, or replay attacks. Deploying multi-factor authentication (MFA) with independent factors significantly reduces these risks. Secure credential storage, regular rotation, and monitoring authentication logs for anomalies are critical defenses to detect and block unauthorized access attempts early in the attack chain.

Showing 5 most recent headlines Filtered view
Bank Info Security 1 year, 2 months ago

UK Government to Roll Out Passkeys Late This Year

FIDO-Based Authentication to Replace SMS-Based Verification, Says UK NCSCThe U.K. government is set to replace SMS-based verification systems for digital services with passkeys later this year in a bid to shore-up cyber defenses. The authentication initiative is being developed by the U.K. National Cybersecurity Center using FIDO standards.

The Hacker News 1 year, 2 months ago

Entra ID Data Protection: Essential or Overkill?

Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role — managing authentication, enforcing policy, and connecting users across distributed environments

Hackers Bypass MFA to Steal Australians' Banking CredentialsMelbourne-based ANZ Bank will introduce passwordless authentication for digital banking services amid news that hackers have stolen the banking credentials of tens of thousands of Australians. Cybercriminals used infostealer malware to steal the credentials of more than 30,000 Australians.

Bank Info Security 1 year, 2 months ago

Zero Trust and Automation Crucial for Securing IoT Devices

Device Authority's Antill on Secure-by-Design and Continuous AuthenticationMany IoT devices were never designed with modern authentication - making them easy targets. Even when certificates are used for authentication, Darron Antill, CEO of Device Authority, points out that frequent expiration and limited visibility create operational and security risks over time.