Jump to content

Search the Community

Showing results for tags 'problems'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Job Boards
    • Jobs
  • Community Lounge and FAQ
    • Forum News
    • Open Forum
    • New Members Forum - Start Here!
  • Entrepreneurship, Business and Marketing
    • Social Media Marketing & Web Marketing
    • Entrepreneurship
    • Career Questions - Asked and Answered
  • StudioWeb
    • StudioWeb
    • StudioWeb News
    • StudioWeb Projects
  • Programming
    • Python
    • Javascript
    • PHP
  • Web Design
    • Beginners Web Design
    • HTML/XHTML
    • Dreamweaver
    • CSS
    • Advanced Web Design
    • Business of Web Design
    • Web Design News
  • Miscellaneous
    • Cybersecurity
    • Miscellaneous Software
    • Blogs and CMS
    • Web Accessibility
    • Peer-to-Peer Reviews
    • Website Templates
    • Web Design Jobs
    • Test Forum
  • Archives
    • Beginners Web Design
    • Course: The Complete Entrepreneur
    • Web Accessibility
    • Photoshop
    • CSS
    • Forum Rules and Etiquette
    • Flash
    • ASP
    • General Programming
    • Expression Web
    • Beginners Ruby
    • Killersites University
    • Actionscript
  • Uncle Stef's Mentoring Club's *** Getting Started ***

Calendars

  • Community Calendar

Categories

There are no results to display.

There are no results to display.

Product Groups

  • Business & Entrepreneur Courses

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website


LinkedIn


Facebook


Twitter


AIM


Yahoo


Other


Location


Interests

Found 1 result

  1. SSO is almost everywhere, and once embedded it is as hard to dig out as a tick. It is a battle I have been fighting the last year, those in charge want things easy for the employees and the employees don't want to have to remember lots of passwords. I get it. But I get paid to worry, and what I see is an attacker breaking the SSO password and now having access to all the applications our employees use, many of which have access to both personal Personally Identifiable Information (Pii) as well as Health information. So the issue is really simple, the user need only remember one password and the attacker need only break one password to have the keys to the kingdom. Social logins are the same way. SSO is simply easier for you isn't it? But now Facebook has lost 50 mil. tokens that can be used to get into those users other sites. They can now breach your twitter account, facebook account, Google account and what else? If I can now get in your Google account, I can reset things, I can change your telephone number to mine, have your second authorization come to my phone. Ask yourself, is my mobile phone number available on my accounts? Ever heard of SIM Switching? I can call a mobile phone host, create an account and say "I want to come to you, please switch my telephone number" and usually with little to no checking of authorization they will activate your number in my new phone, now I can get access to any account attached with that phone number, I can even empty your bank account. So what is more important to you? Your security or your ability to quickly switch between facebook and twitter etc. without logging in again? Experts' View: Avoid Social Networks' Single Sign-On https://www.databreachtoday.com/blogs/experts-view-avoid-social-networks-single-sign-on-p-2670
×
×
  • Create New...