BIO-key Blog

Stepping Away from the Static

Even in 2021, in a world where authentication is a large part of cybersecurity measures, the password has still become the cornerstone for accessing websites, applications, and other common logins. In the recent Raconteur publication, "Future of Authentication", they report that Username/Password is still a key identity and access management (IAM) service in 73%...

Continue Reading →

Tags: password strength, static password, Uncategorized, Access Management, data security, #One-time password, OTP, OTP Authentication, stronger authentication

Brief Note about Password Policies in State and Local Government

Employees and citizens expect their data and identity to be protected through secure, reliable, and advanced technology when it comes to their interactions with their state and local government. As the novel coronavirus shuts down more offices and pushes more employees to work from home, state and local government need to prioritize...

Continue Reading →

Tags: NIST Updates, password strength, strong password, password complexity, stronger authentication, password policies, password length, passphrase, update your passwords, password patterns, password generator, password habits, secure passwords, layer of security, security risk, login session, cybercriminals, PortalGuard Security Policy, National Cybersecurity Month, password policy best practices, limit minimum password length, regular password changes, minimum length passwords, enforcing strong passwords, password age, password history, reduce reusing weak passwords

Hackers are the craftiest of fish. They nibble at your account day by day, trying 2 wrong password attempts and stopping before the 3^rd attempt locks your account. Then, they wait a day for you, the user, to log into your account and reset the password tries before they try to log in again. Think about how often you log into your most important accounts. Do you log in every day? Month? Less...

Continue Reading →

Tags: Account Unlock, Centralized Authentication, #forgotpassword, Password, password reset, password strength, Access Control, account management, password best practices, password complexity, password expiration, Password Security, #phishing, Self-Service Password Reset, SSPR, secure login, hackers, login session, password history, SSO reduces login prompts for end-users, Web Authentication, end-users, password requirements, usual password, tailored authentication, hacked, username, Self-Service Account Unlock, wrong passwords, social media, Centralized Self-Service Password Reset

The boys of summer have been in full swing! As we enter mid August, it's hard to believe that the major league baseball season is over half way completed! After the All-Star break, the drive begins. Not only will the players be getting those extra batting practice swings in and pitchers working additional bullpen sessions allowing them to dial in their mechanics for that final push into the...

Continue Reading →

Tags: 2FA, Access Server, #breach, MFA, mobile password generator, Multi-Factor Authentication, Password, password fatigue, password reset, password strength, #breachnews, data breach, password alternatives, password best practices, password complexity, password encryption, password expiration, Password Management, password manager, password quality, Password Security, Password Synchronization, #phishing, Two-Factor Authentication, hackers, update your passwords, password habits, secure passwords, breaches, limit minimum password length, reduce reusing weak passwords, applications supporting SAML, SSO Process, secure SSO, voice biometrics, employee turnover, secure acounts, password-based authentication, compliances, software, password requirements, brute-force attacks, compromised, hacked

All I’d need to know to guess one of your end users’ passwords is the name of every person important to them, how frequently they use profanity, their favorite pop culture franchises, any sports teams they like, and their favorite vehicle. Where did I get this information, you ask? It’s a trend I’ve noticed on the list of top 10,000 most easily guessed passwords. More specifically, the top 200...

Continue Reading →

Tags: Authentication Security, End user experience, MFA, Multi-Factor Authentication, multilayer authentication, Password, password fatigue, password reset, password strength, data breach, password alternatives, password best practices, password complexity, password encryption, password expiration, Password Management, password manager, password quality, Password Security, Password Synchronization, passphrase, regular password changes, changing your password often, easily guessed passwords, trochees

My recent travels abroad have made me think about how I keep my information safe while I am in a new country.  As I was packing my carry-on with snacks, spare toiletries (in case we were stranded), external battery packs (to binge the latest on Netflix), and the multitude of chargers that accompany our tablets and phones, I hesitated. How am I going to protect the information on all of my...

Continue Reading →

Tags: 2FA, #cybersecurity, email, information security, #infosec, MFA, Microsoft, Multi-Factor Authentication, password strength, data security, password alternatives, Password Management, password quality, Password Security, two-factor, Two-Factor Authentication, Google Authenticator, passphrase, enforcing strong passwords, reduce reusing weak passwords, Benefits of 2FA, employee turnover, secure acounts, compliances, strong online security, online security, improve security, free wifi, accessing data, enable 2fa, Keeping your information safe, security applications, beware of free wifi, personal data, personal security, internet access, stay safe online, work applications, security compliance

It’s finally Spring here in the Northeast, which means it’s time to get cleaning! Usually, we think of Spring cleaning as taking part in household chores, but there’s another place most IT professionals overlook that needs some attention; That’s right, your technology!

Continue Reading →

Tags: 2FA, email, encryption, IT Security, MFA, Multi-Factor Authentication, multilayer authentication, On-premise, Password, password strength, Saas vs On-premise, account management, Active Directory, data security, OTP Authentication, password alternatives, password encryption, Password Management, password manager, password quality, Password Security, #phishing, secure authentication, transparent authentication, Two-Factor Authentication, web applications, secure login, Google Authenticator, OTP Methods, hackers, passphrase, secure passwords, breaches, IT Department, security risk, HOTP, Ransomware, unlocking accounts, ransomware attacks, IT Professionals, IT Management, maintain security privacy, secure integration, secure acounts, software, administrator, management solution, operating systems, malware, unauthorized applications, firmware, Admin Privileges, zombie accounts, multilayer encryption

Proxy? Sounds confusing, mysterious, or essential? So what is it and why would you want to use one? A proxy server is a wall that acts as a gateway between you and the internet. Without a secure proxy, your browser communicates directly with the internet. Think of the proxy as a form of protection; it can scan your downloads, filter web content, get around certain web restrictions and allow...

Continue Reading →

Tags: #cyberattacks, #cybersecurity, encryption, End user experience, password strength, #singlesignon, strong password, customer experience, Cyber Security, password encryption, #phishing, SSO Proxy, single logout, stolen passwords, password policies, password length, update your passwords, password habits, secure passwords, password policy best practices, limit minimum password length, password age, PortalGuard Proxy, one click, proxy server

Email scams are nothing new. We’ve all heard of someone’s grandmother sending money overseas to a grandchild in trouble, while the grandchild is in the next town over and clearly not in trouble. Or the Foreign Prince who has a confidential and top-secret request of wanting your money. Most of these scams have red flags such as misspellings, improper English, bad grammar, and usually end up...

Continue Reading →

Tags: 2FA, authentication management, Authentication Security, #bestpractices, #cyberattacks, #cybersecurity, email, expiration, login security, Multi-Factor Authentication, Password, password strength, #passwordmanagement, security questions, #strongerauthentication, #breachnews, #ConsiderThis, data breach, #One-time password, password alternatives, password best practices, password complexity, Password Management, password manager, password quality, Password Security, stronger authentication, stronger security, #strongpassword, Two-Factor Authentication, #twofactor, #YubiKey, password spraying, increase security, security trends, PortalGuard Authentication Provider, Google Authenticator, SMS Text Message Gateway, Duo Push Security, OTP Methods, stolen passwords, hackers, scams, password policies, password length, CyberScout, passphrase, update your passwords, password patterns, password generator

No one wants to be considered a weak link, even more so when it happens unknowingly. Everyone is staring at you, and you don’t know why. Well, not really, but imagine that’s what happens when you choose a low-quality password. You become your school's weak link. The difference is no one around you really knows it because it’s your secret and I.T. Administrators can’t identify you as a...

Continue Reading →

Tags: 2FA, Authentication Security, authentication security, Banner, batch import, #cyberattacks, #cybersecurity, End user experience, higher education, password strength, strong password, #strongerauthentication, Access Control, Access Management, Active Directory, Authentication Provider, #breachnews, customer experience, Cyber Security, data breach, data security, Empower Up, #phishing, stronger authentication, stronger security, #strongpassword, Lanyard Login, teachers, Chrome Books, K-5, Special Education, Para Professionals, Students, Single Sign-On Options, increase security, security trends, secure login, PortalGuard Authentication Provider, Google Authenticator, classroom, OTP Methods, Portal Customization, empower users, stolen passwords, hackers, scams, weak link