September is approaching and that means it's almost time for one of Duo's favorite local information security conferences, GrrCon!
With Twitter’s recent move to “push” and public-key cryptography, we and many others were glad to see them move away from SMS-only 2 factor authentication. Not only did they add better security, but they are also providing their users with a much more appealing experience.
The plan is simple in theory. After the applause begins following Peiter “Mudge” Zatko’s Defcon talk, rush the stage, hand Mudge a trophy and tell him to “hold his breath,” as they dump a gatorade cooler full of confetti on his head.
In what is becoming a yearly tradition at Duo Security, we flew our interns out to Vegas to experience the total immersion in hacker/security culture that is DEFCON. After they shook off the jet lag they offered these observations...
I've been attending security conferences for 12 years now and find myself learning about more than new technology—I also learn about community and humanity as a whole.
I’m all set to use it to get my hands on some juicy IP... then up pops Duo two factor authentication! It 's getting hard for a cyber criminal to make a dishonest living...
The team at Twitter has released details about a big improvement for their two-factor authentication functionality: push.
Earlier this year, we wrote about how any Google Application Specific Password (ASP) could be used to bypass 2-Step Verification. Although Google issued a fix to prevent account compromise, your ASPs can still be used to do almost anything else with your Google account.