authentication - Security Ticks

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app

2FA, authentication, identity protection, iOS, News, open source, Product showcase, Proton, software / SecurityTicks

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app 2026-04-06 at 09:16 By Anamarija Pogorelec Proton Authenticator is a free and open-source two-factor authentication (2FA) app that generates time-based one-time passwords (TOTP) to help secure online accounts. It is available on Windows, macOS, Linux, iOS, and Android, allowing users to access their […]

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app Read More »

Click, wait, repeat: Digital trust erodes one login at a time

Artificial Intelligence, authentication, cybersecurity, News, report, Thales / SecurityTicks

Click, wait, repeat: Digital trust erodes one login at a time 2026-04-03 at 07:58 By Anamarija Pogorelec Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a normal part of using digital services. These moments rarely stand out on their own, and over time they

Click, wait, repeat: Digital trust erodes one login at a time Read More »

Financial groups lay out a plan to fight AI identity attacks

Artificial Intelligence, authentication, deepfakes, Don't miss, financial industry, generative AI, Government, LLMs, News, report, USA / SecurityTicks

Financial groups lay out a plan to fight AI identity attacks 2026-04-01 at 10:34 By Mirko Zorz Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the

Financial groups lay out a plan to fight AI identity attacks Read More »

Microsoft hands Entra ID users new option for MFA

authentication, MFA, Microsoft, Microsoft Entra ID, News / SecurityTicks

Microsoft hands Entra ID users new option for MFA 2026-03-25 at 12:46 By Anamarija Pogorelec Organizations rely on MFA to enforce identity checks before granting access to systems and services. Microsoft has made external MFA generally available in Microsoft Entra ID, expanding support for third-party identity providers. Configure external MFA in Microsoft Entra ID (Source:

Microsoft hands Entra ID users new option for MFA Read More »

Field workers don’t need more access, they need better security

account protection, authentication, cybersecurity, Don't miss, Features, Hot stuff, News, Risk Management, security awareness, West Shore Home / SecurityTicks

Field workers don’t need more access, they need better security 2026-03-20 at 10:21 By Mirko Zorz In this Help Net Security interview, Chris Thompson, CISO at West Shore Home, discusses least privilege and credential hygiene for a field-based workforce. He covers access management, authentication practices, and data risk processes that support employees in the field.

Field workers don’t need more access, they need better security Read More »

Passwords, MFA, and why neither is enough

authentication, Don't miss, FIDO Alliance, MFA, News, passwords, Portnox, strategy, tips, Video / SecurityTicks

Passwords, MFA, and why neither is enough 2026-03-13 at 07:37 By Help Net Security Passwords weren’t enough, so we added MFA. Now MFA isn’t enough either. In this Help Net Security video, Karlo Zatylny, CTO/CISO at Portnox, walks through why each layer of identity security has failed and what comes next. SMS codes can be

Passwords, MFA, and why neither is enough Read More »

Why workforce identity is still a vulnerability, and what to do about it

1Kosmos, auditing, authentication, cybersecurity, Don't miss, Hot stuff, identity management, identity verification, News, opinion / SecurityTicks

Why workforce identity is still a vulnerability, and what to do about it 2026-03-04 at 07:43 By Help Net Security Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secured.”

Why workforce identity is still a vulnerability, and what to do about it Read More »

Product showcase: 2FAS Auth – Free, open-source 2FA for iOS

2FAS, authentication, cybersecurity, Don't miss, identity management, identity protection, iOS, News, open source, Product showcase, software / SecurityTicks

Product showcase: 2FAS Auth – Free, open-source 2FA for iOS 2026-02-03 at 07:47 By Anamarija Pogorelec Online accounts usually rely on a password, but passwords alone can be weak if they’re reused, easily guessed, or stolen. Two-factor authentication (2FA) adds a second layer of verification, usually a six-digit code generated by an app on your

Product showcase: 2FAS Auth – Free, open-source 2FA for iOS Read More »

Microsoft Moves Closer to Disabling NTLM

authentication, Identity & Access, NTLM, Windows / SecurityTicks

Microsoft Moves Closer to Disabling NTLM 2026-02-02 at 13:44 By Ionut Arghire The next major Windows Server and Windows releases will have the deprecated authentication protocol disabled by default. The post Microsoft Moves Closer to Disabling NTLM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Moves Closer to Disabling NTLM Read More »

Microsoft sets a path to switch off NTLM across Windows

authentication, cybersecurity, Microsoft, News, Windows / SecurityTicks

Microsoft sets a path to switch off NTLM across Windows 2026-02-02 at 13:13 By Sinisa Markovic Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been part of Windows for decades and continues to appear in some environments, particularly where

Microsoft sets a path to switch off NTLM across Windows Read More »

Microsoft Entra ID will auto-enable passkey profiles, synced passkeys

authentication, Microsoft, Microsoft Entra ID, News, passkeys / SecurityTicks

Microsoft Entra ID will auto-enable passkey profiles, synced passkeys 2026-01-26 at 10:52 By Sinisa Markovic Starting March 2026, Microsoft Entra ID will automatically enable passkey profiles and introduce support for synced passkeys. Passkey profiles move into general availability The update brings passkey profiles and synced passkeys into general availability. Administrators gain access to a new

Microsoft Entra ID will auto-enable passkey profiles, synced passkeys Read More »

The internet’s oldest trust mechanism is still one of its weakest links

Artificial Intelligence, authentication, CSC, cybersecurity, DNS, News, report, security controls / SecurityTicks

The internet’s oldest trust mechanism is still one of its weakest links 2026-01-22 at 07:23 By Anamarija Pogorelec Attackers continue to rely on domain names as an entry point into enterprise systems. A CSC domain security study finds that large organizations leave this part of their attack surface underprotected, even as attacks become more frequent.

The internet’s oldest trust mechanism is still one of its weakest links Read More »

Wi-Fi evolution tightens focus on access control

access control, authentication, cybersecurity, network, News, predictions, standards, wireless, Wireless Broadband Alliance / SecurityTicks

Wi-Fi evolution tightens focus on access control 2026-01-09 at 07:33 By Anamarija Pogorelec Wi-Fi networks are taking on heavier workloads, more devices, and higher expectations from users who assume constant access everywhere. A new Wireless Broadband Alliance industry study shows that this expansion is reshaping priorities around security, identity, and trust, alongside adoption of new

Wi-Fi evolution tightens focus on access control Read More »

Counterfeit defenses built on paper have blind spots

authentication, data security, Don't miss, News, research / SecurityTicks

Counterfeit defenses built on paper have blind spots 2025-12-24 at 08:17 By Anamarija Pogorelec Counterfeit protection often leans on the idea that physical materials have quirks no attacker can copy. A new study challenges that comfort by showing how systems built on paper surface fingerprints can be disrupted or bypassed. The research comes from teams

Counterfeit defenses built on paper have blind spots Read More »

Formal proofs expose long standing cracks in DNSSEC

authentication, DNS, DNSSEC, Don't miss, network, News, Palo Alto Networks, Purdue University, research, University of California / SecurityTicks

Formal proofs expose long standing cracks in DNSSEC 2025-12-23 at 09:41 By Sinisa Markovic DNSSEC is meant to stop attackers from tampering with DNS answers. It signs records so resolvers can verify that data is authentic and unchanged. Many security teams assume that if DNSSEC validation passes, the answer can be trusted. New academic research

Formal proofs expose long standing cracks in DNSSEC Read More »

Session tokens give attackers a shortcut around MFA

access control, authentication, Compliance, cside, cybersecurity, Don't miss, MFA, News, Video / SecurityTicks

Session tokens give attackers a shortcut around MFA 2025-12-22 at 07:45 By Help Net Security In this Help Net Security video, Simon Wijckmans, CEO at cside, discusses why session token theft is rising and why security teams miss it. He walks through how web applications rely on browsers to store session tokens after login often

Session tokens give attackers a shortcut around MFA Read More »

Passwordless is finally happening, and users barely notice

authentication, cybersecurity, identity management, MFA, News, Okta, passwordless, report / SecurityTicks

Passwordless is finally happening, and users barely notice 2025-12-16 at 07:32 By Anamarija Pogorelec Security teams know the strain that comes from tightening authentication controls while keeping users productive. A new report from Okta suggests this strain is easing. Stronger authentication methods are gaining traction, and many of them let users move through sign in

Passwordless is finally happening, and users barely notice Read More »

Europe’s DMA raises new security worries for mobile ecosystems

authentication, data integrity, Data Protection, EU, Europe, European Commission, Government, mobile devices, News, regulation / SecurityTicks

Europe’s DMA raises new security worries for mobile ecosystems 2025-12-15 at 08:43 By Anamarija Pogorelec Mobile security has long depended on tight control over how apps and services interact with a device. A new paper from the Center for Cybersecurity Policy and Law warns that this control may weaken as the European Union’s Digital Markets

Europe’s DMA raises new security worries for mobile ecosystems Read More »

New image signature can survive cropping, stop deepfakes from hijacking trust

authentication, deepfakes, News, research / SecurityTicks

New image signature can survive cropping, stop deepfakes from hijacking trust 2025-12-09 at 08:02 By Sinisa Markovic Deepfake images can distort public debate, fuel harassment, or shift a news cycle before anyone checks the source. A new study from researchers at the University of Pisa examines one specific part of this problem. They introduced a

New image signature can survive cropping, stop deepfakes from hijacking trust Read More »

What zero trust looks like when you build it step by step

access control, authentication, cybersecurity, Don't miss, identity management, KeyData Cyber, News, security metrics, Video, zero trust / SecurityTicks

What zero trust looks like when you build it step by step 2025-12-01 at 08:36 By Help Net Security In this Help Net Security video, Jonathan Edwards, Managing Director at KeyData Cyber, walks us through what practical zero trust adoption looks like in stages. He explains why he dislikes the term itself, then shifts to

What zero trust looks like when you build it step by step Read More »