How Your End Users Can Enable Their Mobile Phones to Act as 2FA Devices, Part 3

This is the third and final post in our series on using 2-Factor Authentication (2FA). In the first, we talked about why you need to replace SMS as a means of achieving 2FA, and introduced Duo Security as an effective way of doing this. In the second, we gave guidelines for setting up Duo Security at your organization.

Read more “How Your End Users Can Enable Their Mobile Phones to Act as 2FA Devices, Part 3”

How to Implement 2FA Security in Your Organization Using Duo Security, Part 2

In a recent blog post I spoke about the need to find another way of achieving 2-Factor Authentication now that SMS has been deprecated by the National Institute for Science and Technology.

In this post I’m going to offer some guidance, based on my experience at Threat Stack, on how you can implement Duo Security as an easy and effective way of providing a secondary level of authentication in a 2FA throughout your organization. Along the way, I’ll point out some of the key factors and best practices you should take into account to make sure your setup is usable, based on strategy (i.e., you’re not setting up a feature just because you can), and addresses the actual security needs of your particular company. Read more “How to Implement 2FA Security in Your Organization Using Duo Security, Part 2”