Phil Cuff

Phil Cuff
Find me on:

Recent Posts

5 Reasons SMS Authentication is still SO common despite being so insecure

What’s going on with SMS Authentication? How come it’s still a thing!? In fact, SMS is still the most commonly used form of Multi-Factor Authentication (MFA) on the planet.

If you doubt this, think globally. Don’t be limited by your own experience, even though I bet you still receive more OTPs (One-Time Passwords) by SMS than you care to think of, no matter how many smartphone apps and google auth accounts you have!

Posted by Phil Cuff on Mar 31, 2019 3:45:00 PM
Read More

Understand the difference between Identification and Authentication

As a follow up to my post about the importance of the Knowledge Factor and the story on how “Cops can legally force you to unlock your phone with your face” this article from the SMH highlights how we all need to understand the difference between identification and authentication:

Posted by Phil Cuff on Mar 12, 2019 4:06:00 PM
Read More

A password-less world would be awful!

....it's the way passwords currently work that needs to change.

There's so much talk about getting rid of passwords, like this (very good) article by George Avetisov, and how everything has to be ‘frictionless’.

Of course, inconvenience and bad user experience leads to bad security practice, but what would a ‘password-less’ world actually be like? It’s certainly not a world I’d enjoy and here’s why…

Posted by Phil Cuff on Mar 6, 2019 3:34:50 PM
Read More

The value of the 'Knowledge Factor'

Great article highlighting the value of the 'Knowledge Factor' (aka passwords and PINs).

https://www.wired.com/story/police-unlock-iphone-face-id-legal-rights/amp

You choose when to use your secret password or PIN to authenticate yourself - or not. And you can change it whenever you want to.

Try doing that with biometrics!

Posted by Phil Cuff on Mar 5, 2019 3:53:48 PM
Read More

Time for crypto security to grow up!

Regardless of where you stand on cryptocurrency, security and protection of cryptocurrencies is still appallingly bad as shown by yet another huge exchange theft.

ALL exchanges need to encourage ALL users to utilise cold wallets. 

 

https://www.wired.com/story/police-unlock-iphone-face-id-legal-rights/amp

Posted by Phil Cuff on Mar 5, 2019 3:49:14 PM
Read More

Subscribe to our blog

Subscribe to blog