Black Hat 2009: SSL insecurity and MultiFactor


New flaws with how SSL is implemented were revealed at Black Hat 2009, but SecureAuth can’t be tricked.

These flaws can trick a user in to thinking they are at a legitimate web site. The main problem with SSL is not that the attack is undetectable, but that end-users have to inspect the server-side certificate, and know what they are looking for. (How often do you click on the ‘lock’ icon in your browser? And, would you know if something was not right?)

SecureAuth protects against these and other attacks by automating the process. SecureAuth, as part of the authentication process, makes sure the end-user is connected to the legitimate server, before asking for a password.

This level of security is simple to deploy to your cloud services, web servers and remote access VPNs, providing two-factor authentication that satisfies PCI and other regulatory mandates, and goes beyond other 2-factor solutions that are really just password replacements.

Check out the website at http://www.multifa.com for more information about what Multifactor can do for you. The product comes recommended by some of my professional contacts.

Posted via web from John Dierckx

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s