Last updated : May 05, 2015
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Understand more
May 2015
Assess
Worth exploring with the goal of understanding how it will affect your enterprise.
Securing online accounts is at the same time extremely important and notoriously difficult. Two-factor authentication does greatly increase security and we have recommended TOTP as a good solution. A new entrant in this field is Universal 2nd Factor ( U2F ), a solution based on public key cryptography and inexpensive USB hardware tokens. While developed at Google, it has now become a standard managed by the FIDO Alliance. We do like the promise of better protection against phishing and man-in-the-middle attacks, but are concerned because the standard currently references a specific elliptic curve digital signature algorithm that is considered to be flawed.
Jan 2015
Assess
Worth exploring with the goal of understanding how it will affect your enterprise.
Published : Jan 28, 2015
