Blog - Cyber Security Informer

Best Practices for Enrolling Users in MFA

Duo's Security Blog

APRIL 10, 2024

Enrolling users to use multi-factor authentication (MFA) is an essential security step for any organization. But user enrollment can be a logistical challenge and comes with security risks. Enrollment basics Enrollment is the process by which users are added to a Duo account and enabled to use MFA.

Authentication

Authentication Accountability Risk Government

Duo vs. Fraudulent Device Registration

Duo's Security Blog

APRIL 8, 2024

That’s where multi-factor authentication (MFA) comes in. Typically, a user confirms their identity using an application on their phone and accepts a push notification. Now MFA can no longer stop the cybercriminal from gaining unlimited access. With Duo, there are a few different approaches to harden your defenses.

Authentication

Authentication Accountability Risk Phishing

Three Best Practices Every Security Leader Should Consider When Using Duo

Duo's Security Blog

AUGUST 29, 2022

As cybersecurity leaders have been stepping up efforts to secure all users and applications with multi-factor authentication (MFA), Duo Security is highlighting security best practices that can help deter against malicious attacks. Making sure all users have a valid MFA device is crucial to secure Duo deployment.

Passwords

Passwords Authentication Education Internet

Cyber Actors Bypassing Two-Factor Authentication Implementations

Cisco Security

MARCH 15, 2022

Guidance is provided in the Recommendations and Best Practices section of this blog. According to the FBI’s bulletin, cyber actors were able to obtain access to primary credentials for users with Duo accounts that did not have an enrolled multi-factor authentication (MFA) device.

Authentication

Authentication Passwords Accountability Government

New Duo Feature Guide: Strengthening Your Multi-Factor Authentication

Duo's Security Blog

JANUARY 18, 2023

Multi-Factor Authentication (MFA) is a security tool used by various organizations to protect user credentials, or the username and password. However, MFA has been in the news recently as attackers are finding new and creative ways to get around it. What can organizations do?

Authentication

Authentication Phishing Threat Detection Mobile

3 Steps to Prevent a Case of Compromised Credentials

Duo's Security Blog

MAY 23, 2023

Passwords are a weak point in modern-day secure authentication practices, with Verizon highlighting that almost 50% of breaches start with compromised credentials. In our previous two features, we covered the dangers of phishing (one method of credential compromise) and how to mitigate its impact on users.

Authentication

Authentication Passwords Data breaches Phishing

Arachnophobic: How Duo Customers Can Respond to CISA’s Report on Scattered Spider

Duo's Security Blog

NOVEMBER 27, 2023

They have quickly adapted their approaches, flipping between technical and social attack vectors, and taking advantage of industry trends in Identity and Access Management practices. That’s why we offer a series of options, any of which can improve your posture, all of which work best together.

Authentication

Authentication Social Engineering Risk Accountability

Intro to Phishing: How Dangerous Is Phishing in 2023?

Duo's Security Blog

APRIL 20, 2023

Strong security practices layer to protect against phishing attacks. But what combination can be the most effective for the widest range of users? Australia is no stranger to this rising concern, with recent reports indicating a rise in the number and severity of breaches. What is phishing?

Phishing

Phishing Social Engineering Authentication Engineering

Executive Business Reviews with Duo Care Help Companies Reach Security Goals

Duo's Security Blog

FEBRUARY 15, 2023

We prepare some slides with the analyzed data, best practices or recommendations, and the product roadmap. The Duo Care Premium Support Program was created because we really do care – about your Duo rollout, about your end-users’ experience, and about your continued satisfaction with Duo. Why does Duo Care enable EBRs?

Engineering

Engineering Accountability Information Security CISO

The Life and Death of Passwords: How Passwordless Is Evolving

Duo's Security Blog

MAY 12, 2023

Ted: Passwords have a bunch of problems from a user perspective. Our documentary, “ The Life and Death of Passwords ,” explores with industry experts the history of passwords, why passwords have become less effective over time, and how trust is established in a passwordless future. They’re really annoying to remember.

Passwords

Passwords Authentication Mobile Technology

Remote Desktop Threats & Remediations

Duo's Security Blog

MARCH 6, 2024

In this attack method, a small number of commonly used passwords are tried over many user accounts in succession. Many free and open-source tools, including NLBrute, Crowbar and Hydra, currently exist to allow attackers to automate these efforts over many user accounts at once.

Authentication

Authentication Accountability VPN Passwords

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Troy Hunt

NOVEMBER 14, 2018

A few people took some of the points I made in those posts as being contentious, although on reflection I suspect it was more a case of lamenting that we shouldn't be in a position where we're still dependent on passwords and people needing to understand good password management practices in order for them to work properly.

Passwords

Passwords Authentication Accountability Mobile

Protecting Against Ransomware 3.0 and Building Resilience

Duo's Security Blog

JUNE 27, 2023

Unlike earlier versions of ransomware that targeted individual users, Ransomware 3.0 Show me the money! The number-one reported motive for a cyber breach is financial gain, and ransomware 3.0 is the newest preferred tool to get there. billion annually from these incidents. The Rise of Ransomware 3.0 in Australia What is Ransomware 3.0?

Ransomware

Ransomware Healthcare Phishing Authentication

Top Five Reasons for Choosing FIDO2 Devices for Enterprise Authentication

Thales Cloud Protection & Licensing

SEPTEMBER 8, 2022

However, strong access controls need to be user-convenient; otherwise, productivity will be hampered. Implementing passwordless authentication can also help reduce or eliminate operational costs for maintaining passwords, since your users will be able to log in without a password. Enhance identity verification with MFA.

Authentication

Authentication Passwords Phishing Data breaches

Top 5 Considerations When Enabling MFA for Tableau Online and Other Salesforce Products

Duo's Security Blog

OCTOBER 12, 2021

Customer trust is essential for businesses to succeed, which Salesforce is putting into practice with a future requirement for all customers to enable multi-factor authentication (MFA). How Does Salesforce Recommend Customers Get Started to Enable MFA? For example, you may have on-premises apps that could also benefit from MFA.

Authentication

Authentication Risk Marketing Phishing

Google Sending Security Keys to 10,000 Users at High Risk of Attack

eSecurity Planet

OCTOBER 11, 2021

Google is giving out 10,000 free security keys to high-risks users, an announcement that came a day after the company warned 14,000 of its high-profile users that they could be targeted by the notorious Russia-based APT28 hacking group. Google APP Available to All Users. ‘Cybersecurity Is a Team Sport’ In an Oct.

Risk

Risk Passwords Authentication Accountability

9 Key Takeaways from Ask Us Anything: Passwordless Tips & Tricks

Duo's Security Blog

FEBRUARY 11, 2022

They provide a suboptimal user experience, with users having to remember passwords, rotate them and meet complexity requirements. Duo Passwordless is available to try as part of our MFA edition, the simplest paid edition we offer — no add-ons or hidden costs. What is passwordless authentication? It’s simple to try.

Authentication

Authentication Passwords Mobile Risk

Cyber Security Informer

Best Practices for Enrolling Users in MFA

Duo vs. Fraudulent Device Registration

Trending Sources

Three Best Practices Every Security Leader Should Consider When Using Duo

Cyber Actors Bypassing Two-Factor Authentication Implementations

New Duo Feature Guide: Strengthening Your Multi-Factor Authentication

3 Steps to Prevent a Case of Compromised Credentials

Arachnophobic: How Duo Customers Can Respond to CISA’s Report on Scattered Spider

Intro to Phishing: How Dangerous Is Phishing in 2023?

Executive Business Reviews with Duo Care Help Companies Reach Security Goals

The Life and Death of Passwords: How Passwordless Is Evolving

Remote Desktop Threats & Remediations

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Protecting Against Ransomware 3.0 and Building Resilience

Top Five Reasons for Choosing FIDO2 Devices for Enterprise Authentication

Top 5 Considerations When Enabling MFA for Tableau Online and Other Salesforce Products

Google Sending Security Keys to 10,000 Users at High Risk of Attack

9 Key Takeaways from Ask Us Anything: Passwordless Tips & Tricks

Stay Connected