A Look Back at True2F
Recently at Duo Tech Talks we hosted Emma Dauterman of Stanford University for an outstanding presentation on True2F, a joint research project between Stanford and Google surrounding backdoor-resistant security keys.
James Barclay was formerly a Senior R&D Engineer at Duo Labs, the advanced security research and analysis team at Duo Security. Prior to joining Duo, James was a Tools Engineer at Pinterest, and an IT consultant focused on endpoint security before that. He's contributed to a handful of open-source projects, and has been called an Apple nerd once or twice.
Recently at Duo Tech Talks we hosted Emma Dauterman of Stanford University for an outstanding presentation on True2F, a joint research project between Stanford and Google surrounding backdoor-resistant security keys.
Duo Labs has found an authentication weakness in Apple's Device Enrollment Program (DEP) that could lead to privileged access, rogue device enrollment and social engineering attacks against an organization that uses DEP for mobile device management (MDM) auto-enrollment.
James Barclay and Nick Steele recently shared their thoughts on a passwordless future during a Twitter chat with Yubico. Get their insights on the pain points of passwords, their hopes for the future, and explore some of our resources around industry advancements paving the way, like passwordless authentication, multi-factor authentication and WebAuthn.
Duo has been working with Google since last year on the Android Protected Confirmation API - a way to verify that only humans are responding to a prompt - and we've prototyped an integration with Duo Mobile to enhance 2FA security.
Learn more about DuoAPISwift, a new API client for the Swift Programming language on GitHub. Now Duo's APIs are accessible to more developers & projects!