Podcast episode #009 - How to be an #MFAally with Tanya Janca of Microsoft Ever tweeted at a company? Did they reply? Tanya tweeted so consistently that she got a phone call...from her bank! Tanya and I break down passwords and multi-factor authentication, the bread and butter of security that many folks still don't get right.
Podcast episode Featured #008 - Secured by Math, Designed for People with Pilar García of 1Password Pilar García explains how @1Password is built around privacy by design, cryptography, usability, and openness. Also, learn how to make $100k for reading some bad poetry. The catch? Gotta break into a 1Password Vault first!
Podcast episode #002 - Your Phone is a Phishing Resistant Security Key with Alex Grinman of Kryptco Alex Grinman explains how Krypton, their open source browser extension and mobile app, can turn the phone sitting in your pocket into a phishing resistant two factor authentication (2FA) security key.
2FA Featured Introducing 2FA Notifier - How to Get More Internet Users to Enable 2FA on Their Accounts Ray and I built an open source browser extension called 2FA Notifier that helps people enable 2FA on their accounts. Read about the extension and the problem it solves in my article that was initially published on the Okta Developer Blog.
2FA A medium dive on the Time-based One-time Passwords (TOTP) spec More technical than the All Things Auth overview article and less technical than the specification itself, here is a medium dive on how TOTP works under the hood!
2FA TOTP: (way) more secure than SMS, but more annoying than Push Ever wonder how Google Authenticator works? Learn why TOTP 2FA is drastically more secure than SMS 2FA and the security and usability tradeoffs it makes.
Zapier Zapier docs: plain-English, useful content, and helpful visual cues Often an afterthought, docs are a critical part of the security UX. Zapier has paid particular attention to creating useful docs and it really shows!
Zapier How Zapier rolled out 2FA support Two factor authentication (2FA) doesn't provide effective security if users don't enable it. Learn how Zapier announced the rollout of 2FA to its users!
Zapier The Big Idea for Zapier: Contextual 2FA Promotion March 2018 is Zapier month! Our Big Idea for Zapier is contextual 2FA promotion: an even better way to encourage users to enable two factor authentication!
Zapier Zapier: 2FA Deep Dive March 2018 is Zapier month! We dive deep into the security and user experience of Zapier's TOTP two factor authentication (2FA) implementation: what works and what could be improved?
Zapier Screencast Episode 1: Zapier March 2018 is Zapier month! Conor and Ray discuss passwords, hatch a plan to increase two factor authentication (2FA) adoption rates, and propose changes to the Zapier team plan.
2FA SMS: The most popular and least secure 2FA method SMS doesn’t actually prove “something you have”, so don’t rely on it for 2FA unless you absolutely must! Learn how SMS 2FA works to understand why.
2FA Featured Two Factor Authentication (2FA): What is it? How does it work? Why you should care! Learn why two factor authentication (2FA) is so important, how it actually protects your accounts, and how to assess the 2FA methods available on the services that you use!
Authentication Shared Responsibility Model Authentication and authorization are shared responsibilities between service providers and end-users.