Two-factor authentication: A Rick the Toolman episode.

Show Notes

In 1995, AT&T patented the idea of two-factor authentication (2FA). They said that to identify an authorized user, a system needed to check at least two of three factors: something they have, something they are, or something they know. But the early systems were clunky, hard to manage, and only used in environments that needed the most security. Today, the industry has come a long way and there are several different choices for 2FA with some more secure than others: SMS, Email, Authenticator Soft Tokens, Push, and Universal 2nd Factor (U2F). In this show, we talk about how each works and the relative security merits of each.

For a complete reading list and even more information, check out Rick’s more detailed essay on the topic.

HOST(S):

Rick Howard is the CSO of N2K and the Chief Analyst, and Senior Fellow at the N2K Cyber, formerly CyberWire. His past lives include CSO at Palo Alto Networks, CISO at TASC, the GM at Verisign/iDefense, the Counterpane SOC Director, and the Commander of the Army's Computer Emergency Response Team (CERT). Rick served 25 years in the Army, taught computer science at West Point, edited two books and just published his own book, "Cybersecurity First Principles: A Reboot of Strategy and Tactics" and he is regularly joined at the N2K Cyber's Hash Table by a collection of industry experts.

Schedule: Mondays (in season)

Credits: Edited by John Petrik and executive produced by Peter Kilpe. Our theme song is by Blue Dot Sessions, remixed by the insanely talented Elliott Peltzman, who also does the show's mixing, sound, and original score

Creator: CyberWire, Inc.