Podcasts about single sign

My guest today is Kristof Gazso, founder of Pimlico. Pimlico is an ERC-4337 smart account infrastructure provider. Pimlico offers a handful of services, including Alto, the most popular bundler by total executed user operations, a paymaster transaction sponsorship solution, and permissionless.js a new platform agnostic typescript library built on top of viem, that helps devs wire dapps up to smart accounts. On this episode, Kristof and I chat about the design of 4337, the most recent updates to the spec, and their recent seed round fundraise. It was great getting a chance to talk to Kristof about his journey building Pimlico. I hope you enjoy the show. As always, this show is provided as entertainment and does not constitute legal, financial, or tax advice or any form of endorsement or suggestion. Crypto has risks and you alone are responsible for doing your research and making your own decisions. Links Hosted by @nicholas ERC-4337: Account Abstraction Using Alt Mempool ERC-7521: General Intents for Smart Contract Wallets Pimlico Docs BundleBear Kristof's site Patch Wallet permissionless.js zkp2p Etherspot ERC-6900: Modular Smart Contract Accounts and Plugins ERC-7579: Minimal Modular Smart Accounts & https://erc7579.com ERC-6492: Signature Validation for Predeploy Contracts https://delegatable.org/ ERC-7555: Single Sign-on for Account Discovery ERC-7556: Embedded Accounts as Smart Modules

Microsoft Intune now has built-in native controls so you can manage your Macs similar to how you manage Windows PCs across the device lifecycle, without third party integrations or extensions. This decreases complexity and overhead and increases security, to help achieve your Zero Trust goals. Jeremy Chapman, Director of Microsoft 365, walks through the highlights: • Automated device enrollment  • Microsoft Entra ID based single sign-on experience • Extended configuration management controls  • Support for common DMG and PKG app package types  • Declarative Device Management (DDM) for updates • Upcoming capabilities like Remote Help for macOS within the Intune Suite   ► QUICK LINKS: 00:00 - Manage your Macs similar to Windows PCs 01:12 - Admin configurations: Device Enrollment 03:16 - User experience for setup 05:50 - Device configuration for admins 07:13 - Declarative Device Management (DDM) 07:50 - Security settings 08:35 - Distribute and install DMG and PKG app packages 10:23 - Remote Help for macOS coming soon 10:54 - Wrap up   ► Link References Get more information at https://aka.ms/IntuneforMac   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

In der Nachmittagsfolge begrüßen wir heute Adam Probst, CEO von ZenML, und sprechen mit ihm über die erfolgreiche Erweiterung der Seed-Finanzierungsrunde auf 6,4 Millionen US-Dollar.ZenML entwickelt ein erweiterbares Open-Source-Framework zur Erstellung produktionsreifer Pipelines für maschinelles Lernen. Dabei wird die Komplexität der Infrastruktur für Machine Learning Engineers abstrahiert, ohne sie an einen Anbieter zu binden, da es ein einheitliches Erlebnis auf allen wichtigen Plattformen wie AWS, GCP und Azure bietet. Dies ermöglicht Unternehmen Cloud-übergreifende Workloads effektiv zu verwalten. Darüber hinaus erweitern die bestehenden Integrationen von ZenML mit über 50 ML-Tools, darunter HuggingFace, Weights & Biases und MLflow, die Anpassungsfähigkeit und den Komfort. Dies bietet eine hohe strategische Flexibilität mit Cloud-agnostischen Integrationen. Ein Beispiel für den Wert der Lösung ist die Integration von Orchestrierungstools mit Experiment-Tracking-Tools. Anstatt mit fragmentierten Pipelines zu arbeiten, bietet ZenML einen zentralen Rahmen, der diese Werkzeuge auf kohärente und standardisierte Weise miteinander verbindet. User können mit einem Klick von der lokalen Entwicklung zur Skalierung in die Cloud wechseln. Seit Anfang 2023 hat das Startup außerdem einen vollständig verwalteten Cloud-Service für eine ausgewählte Gruppe von Kunden. Dieser Dienst baut auf dem Open-Source-Kern auf und erweitert dessen Fähigkeiten um umfassende Funktionen wie Single Sign-on, rollenbasierte Zugriffskontrolle und Delivery-Integrationen. ZenML wurde im Jahr 2021 von Adam Probst und Hamza Tahir in München gegründet.Nun hat das Open-Source-Framework eine Erweiterung der Seed-Runde um 3,7 Millionen US-Dollar auf 6,4 Millionen US-Dollar bekannt gegeben. Die Erweiterung wurde von Point Nine angeführt und von dem bestehenden Investor Crane unterstützt. An der Investitionsrunde beteiligten sich Business Angels wie D. Sculley, CEO von Kaggle, Harold Giménez, SVP R&D bei Hashicorp sowie Luke de Oliveira, ehemaliger Direktor für maschinelles Lernen bei Twilio. Das frische Kapital soll die Einführung von ZenML Cloud unterstützen.

This week on Hacker And The Fed we offer updates on the MOVEit and MGM Resorts hacks, the US State Department has no idea if its IT security actually works, the Senate's email system melts down in the face of a security test, Cisco can't stop using static passwords, and we answer listener questions about Single Sign-on, circumventing company IT rules, and LinkedIn profiles. Links from the episode: MOVEit Maker Announces New Critical Vulnerability Affecting a Different File Transfer Tool https://therecord.media/progress-new-file-transfer-vulnerability   MGM Resorts Hack Update https://x.com/brettforrest89/status/1711885567695433765   US State Dept has No Idea if its IT Security Actually Works, Say Auditors https://www.theregister.com/2023/10/02/us_state_security_gao/ https://endoflife.date/windows   The Senate's Email System Melted Down in the Face of Security Test https://www.politico.com/minutes/congress/09-8-2023/senate-reply-all-mess/   Cisco Can't Stop Using Static Passwords https://www.schneier.com/blog/archives/2023/10/cisco-cant-stop-using-hard-coded-passwords.html Support our sponsors: Get your Hacker and the Fed merchandise at hackerandthefed.com Send HATF your questions at questions@hackerandthefed.com

Simplify and improve security for sign-in experiences with Microsoft Entra ID, the new name for Azure Active Directory. Microsoft Entra ID is a unified identity provider to sign into your non-Microsoft services, like Google, AWS, Salesforce, and ServiceNow.  See how it's used to manage service licensing for Microsoft 365, Office 365, Enterprise Mobility + Security, and Microsoft Purview. It features unique capabilities like conditional access, passwordless authentication, Single Sign-on, and Dynamic Groups. Perform the most common day-to-day tasks, like adding and editing user accounts, options for groups and what each do, as well as managed identities, role assignment, admin units, and additional core capabilities. Jeremy Chapman, director of Microsoft 365 and a long-time endpoint management and directory services admin, explains the setup and configuration.  ► QUICK LINKS: 00:00 - Simplify identity management 01:05 - Consolidate identity services 02:52 - Admin experience 05:09 - Conditional Access 05:39 - Manage user accounts 07:09 - Edit users 08:16 - Dynamic Groups 10:22 - Admin Roles & Admin Units 11:45 - Single Sign-On 12:34 - Wrap up ► Link References For more information, check out https://aka.ms/EntraDocs ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

A session and user authentication Zero Trust tactic that allows a user to access multiple applications with one set of login credentials. CyberWire Glossary link: https://thecyberwire.com/glossary/single-sign-on Audio reference link: English, J., 2020. What is Single Sign-On (SSO)? SSO Benefits and Risks [Video]. YouTube. URL https://www.youtube.com/watch?v=YvHmP2WyBVY Learn more about your ad choices. Visit megaphone.fm/adchoices

A session and user authentication Zero Trust tactic that allows a user to access multiple applications with one set of login credentials. CyberWire Glossary link: https://thecyberwire.com/glossary/single-sign-on Audio reference link: English, J., 2020. What is Single Sign-On (SSO)? SSO Benefits and Risks [Video]. YouTube. URL https://www.youtube.com/watch?v=YvHmP2WyBVY

Let's talk about digital identity with Keith Uber, VP Customer Success at Ubisecure. In episode 94, Keith joins Oscar to delve into Single Sign-On (SSO) best practises and how organisations can implement SSO – including technical aspects, how it used in practise and the advantages of SSO. [Transcript below] "The best type of single sign-on is where the user doesn't notice it." Keith is VP Customer Success at Ubisecure. As an Identity and Access Management product expert, he leads the Sales Engineering team and is involved in many stages in the planning and design of demanding customer implementation projects. Keith is active in various industry organisations and has a keen interest particularly in government mandated digital identity systems. He holds a bachelor's degree in I.T. and a master's degree in Economics, specialising in software business. Check out Keith's SSO video series. Connect with Keith on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 94. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining a new episode of Let's Talk About Digital Identity. Single Sign-On is one thing that, today we take it for granted. So, it's even hard for us to remember when was the first time we have used it. Today, we'll go a bit deeper into that and in which direction Single Sign-On is going. And for that we have a special guest, who is Keith Uber, VP at Ubisecure. Hello, Keith. Keith Uber: Hi, Oscar. Oscar: Thank you for joining us for the second time. So, you have been – two years ago. Two years ago, you've been here before talking about mergers and acquisitions. So happy to have you back here. Keith: It's a pleasure. Thank you for the invite to come back. Oscar: Yeah, nice to have you, Keith. And we'd like to hit a few things about yourself. So, you can tell us about your journey to the world of digital identity. Keith: Yeah. So, my entry into the world of identity probably began around the year 2000 when I had just moved to Finland from Australia. I was working for telco provider, who was in the – around the dot-com boom era had been acquiring lots of small businesses. Lots of startups, they had their own projects and all of these have many different types of identity systems and lobbying systems. And my introduction to that process was – my job was to evaluate different solutions to their problem and ultimately, take part in a commercial pilot to implement a product to solve that problem. Oscar: Excellent. And I already can imagine that a single sign-on had some role on that. Just guessing that yes, single sign-on is something that. I was really trying to remember when was the first time that I used it and it's quite difficult. Because it has been coming in different, in different flavours I would say. Probably the first time I used was in one of my first jobs when, you know, you go to the office - people used to go to the office every day, and today is not, not for everyone at least. And then you sit down, and you login to your computer. You login to the domain and then suddenly, you can access some of the internal applications without logging in again. So that is one of the ways. And then later it came, what we see more often today is the web single sign-on, right? So, several applications. So, in order to start with the basics, how you define single sign-on in a nutshell? Keith: Yeah. Single Sign-On is maybe a more technical term that the industry understands. But for the end users, they don't really understand what the single sign-on means. But they do understand that they don't want to have to sign in again and again to different parts of the same website or different sections of the same company.

On this episode of The Modern Practice Podcast, host Gary Tiratsuyan is joined by Rectangle Health's Senior Director of Enterprise Solutions, James Swan, to discuss a buzzword in healthcare, "Single Sign-On." James and Gary go into detail about what Single Sign-On is, and why healthcare practices and organizations across the country are seeking a software solution that can perform most, if not all of the day-to-day tasks as it relates to the business side of care. James talks about the inefficiencies and cost associated with layering technologies and how providers and larger healthcare organizations can achieve more with less, and reduce costs utilizing a single sign-on software like Practice Management Bridge®. If you missed James Swan's first episode on "Increasing Cash Flow," you can access it here: https://bit.ly/44hquSm Have questions? Connect with and message James on LinkedIn: https://bit.ly/449RjaI Learn more about Rectangle Health's robust and powerful software solution Practice Management Bridge: https://bit.ly/3PnCjSF Dykema DSO Conference 2023: https://bit.ly/3NJw6zb

In episode 142 of our SAP on Azure video podcast we talk about the DSAG Investment Report 2023, Zone Redundant Storage for Azure Disks, Power your business with AI, Microsoft AI SDK for SAP and Power Platform being more than just a toy. Then we focus on Power Platform and SAP. One of my recommendation to customers is always to use Single Sign-On when using Power Platform and SAP. With the new SAP ERP Connector the configuration for using Kerberos has been simplified quite a bit! Martin Raepple walks us through and end-to-end process and some key configuration steps. https://www.saponazurepodcast.de/episode142 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/  #Microsoft #SAP #Azure #SAPonAzure #PowerPlatform #SSO 

Single Sign-On (SSO) in the real world is complicated and messy and how we got there is a byzantine maze of innovation and standards that has taken years. But, if zero trust is the first principle strategy we are all trying to pursue, getting Identity and Access Management (IAM) right is the most important tactic. And, SSO is a piece of the entire Identity and Access Management puzzle. Rick summarizes the history and current state of Single Sign-On with some Rick the Toolman thrown in.

This week, Dr. Doug raves about: 'The Orgy of the Walking Dead' or Elon is controlling my brain, Schoolyard Bully, Redigo, DuckLogs, Dod Alphabet soup, Sirius XM, Pixel Tracking, TSA, Single Sign-on rants, and more on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn259

This week, Dr. Doug raves about: 'The Orgy of the Walking Dead' or Elon is controlling my brain, Schoolyard Bully, Redigo, DuckLogs, Dod Alphabet soup, Sirius XM, Pixel Tracking, TSA, Single Sign-on rants, and more on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn259

This week, Dr. Doug raves about: 'The Orgy of the Walking Dead' or Elon is controlling my brain, Schoolyard Bully, Redigo, DuckLogs, Dod Alphabet soup, Sirius XM, Pixel Tracking, TSA, Single Sign-on rants, and more on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn259

As a Developer, How do you manage the users that can access the system? Jonathan and Will share some pointers and approaches on how you can protect your system or account from being accessed by multiple or anonymous users.  About this Episode Different Infrastructure as code tools  Ways how to manage group permission Advantages of Single Sign-on 2 Factor Authentication Sponsors Chuck's Resume Template Developer Book Club starting with Clean Architecture by Robert C. Martin Become a Top 1% Dev with a Top End Devs Membership Picks Jonathan -Watch The Lord of the Rings: The Rings of Power - Season 1 Jonathan - Finite and Infinite Games Will - asana Will - Bearmax Massage Gun

One of the biggest challenges of the era is how to securely sign people on to work devices from anywhere in the world. Apple has had Kerberos and Active Directory support for some time. They have also recently released frameworks and APIs for modern identity support and payloads for MDM for ExtensibleSingleSignOn. Today we're going to cover the SSOE with the Product Manager at Microsoft for Azure AD, to see what we can do today - and how we factor this into our plans for the future. Hosts: Tom Bridge - @tbridge777 Charles Edge - @cedge318 Marcus Ransom - @marcusransom Guests: Michael Epping - @mepples21 Transcript: Transcription of this episode brought to you by Meter.com Click here to read the transcript Links: ExtensibleSingleSignOn | Apple Developer Documentation Microsoft Enterprise SSO plug-in for Apple devices (preview) MDOYVR20 - Joel Rennich - Single Sign On for fun and profit ASAuthorizationProviderExtensio... Sponsors: Kandji Mosyle Watchman Monitoring If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information. Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast! The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson

This is a recording of a short introduction into my latest project. To help sysadmins everywhere the Onestein organization (an organization specialized in Odoo implementations) invested 4 month of research to create a set of easy to use Ansible playbooks to configure single sign on (SSO) for popular open source applications to enable them to authenticate to a Keycloak server as the central identity provider. These playbooks have been published on https://github.com/onesteinbv/project_single_sign_on. The list of supported applications are currently: Bitwarden Jenkins Gitlab Keycloak (not SSO, but the identity provider) Nextcloud Odoo Xwiki Zabbix All playbooks and servers are for Ubuntu servers and are meant to be used as a starting point. 5 minute YouTube talk at the 2022 Nextcloud conference about this project: https://www.youtube.com/watch?v=pDPKzo8Bi10

An overview of Russian cyber operations. The IT Army of Ukraine claims to have doxed the Wagner Group. Who dunnit? Lapsus$ dunnit. Emily Mossburg from Deloitte and Shelley Zalis of the Female Quotient on why gender equality is essential to the success of the cyber industry. We've got a special preview of the International Spy Museum's SpyCast's latest episode with host Andrew Hammond interviewing Robert Gates on the 75th anniversary of the CIA. And a look at the risk of stolen single sign-on credentials. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/181 Selected reading. Ukraine's IT Army hacks Russia's Wagner Group (Computing) Untangling the Russian web: Spies, proxies, and spectrums of Russian cyber behavior  (Atlantic Council) Security update | Uber Newsroom (Uber Newsroom) Tentative attribution in the Uber breach. (CyberWire) Uber says Lapsus$-linked hacker responsible for breach (Reuters) Uber blames security breach on Lapsus$, says it bought credentials on the dark web (ZDNET) Uber's breach shows how hackers keep finding a way in (Protocol) Uber attributes hack to Lapsus$, working with FBI and DOJ on investigation (The Record by Recorded Future) Uber data breach spotlights need for enterprises to ‘get the basics right', say experts (ITP.net) "Keys to the Kingdom" at Risk: Analyzing Exposed SSO Credentials of Public Companies (Bitsight)

On this week's episode of the podcast, I go through my highlights from this year's VMware Explore announcements, I talk about some exciting new Microsoft Azure features, Numecent Cloudpager's native WAM package support and much more! Reference Links: https://www.rorymon.com/blog/episode-245-huge-vmware-explore-announcements-aad-single-sign-on-update/

Links: 35K GitHub repos had been compromised by malware. GitHub security issued a response within 24 hours showing what their findings indicate and clarifying the situation. Scale your workforce access management with AWS IAM Identity Center (previously known as AWS SSO) Welcoming the AWS Customer Incident Response Team - Surprisingly this doesn't require a paid support plan. iamlive generates IAM policies from AWS calls via client-side monitoring

What's up everyone, this is Dariusz Kalbarczyk co-founder of NG Poland, JS Poland, AngularMaster.dev & WorkshopFest.dev. Welcome back to the Angular Master Podcast. Today, together with Manfred Steyer, who is an excellent Speaker, Trainer, Consultant and Author with focus on Angular. We will talk about Auth for SPAs and Micro Frontends You started a blog series where you tell us that the browser is no safe place for storing security tokens. However, it's quite modern to directly use JWT tokens, OAuth 2 and OpenId Connect in the browser. What's the reason for this? Do we need to panic, if we still use tokens in the browser? If we should not directly use security tokens in the browser, how to implement Single-Sign-on with existing identity solutions like Active Directory? How to deal with APIs of different origins? You also mention that there is a way to use these ideas to improve security while making everything easier. How is this even possible? Let's assume, we have installed and configured such a Security Gateway. What do I need to do on the client-side for authentication and authorization? And what do I need to do on the server-side? Can you tell us a bit about your reference implementation for this idea? You are using ASP.NET Core for this. What to do, if this is not part of our stack? What Identity Solutions does this implementation support? What's with Cross-Site-Request-Forgery Attacks, now, as we have cookies again? Do we need to protect ourselves from them? You also talked a lot about Micro Frontends recently. Does this approach also work with them or do we have to adjust it? --- Send in a voice message: https://podcasters.spotify.com/pod/show/angular-master/message

בפינה זו, נגיש לכם מידע על העבודה היומיומית בסביבת ענן מנקודת המבט שלנו. דוברי הפרק: אבי קינן וניב יונגלסון. בפרק הקודם, אדם הציג לנו פייפליין של Azure DevOps מקצה לקצה כולל הסברים מפורטים על תהליך ה-CI/CD. בפרק זה, נדבר על ה-SSO Single sign-on) ב-AWS, כאשר ניב תסביר מה זה בעצם, מה השימושים שלו ומדוע הוא חשוב. רוצים להתעדכן בתכנים נוספים בנושאי ענן וטכנולוגיות מתקדמות? הירשמו עכשיו לניוזלטר שלנו ותמיד תישארו בעניינים. להרשמה: https://www.israelclouds.com/newslettersignup

We are excited to announce that we are beginning the implementation of single sign-on (SSO) access across Securitytrails. Okta SSO is the first provider we're bringing on in this effort to deliver secure authentication and a better user experience to our users. SSO and its security benefits Single sign-on (SSO) is an authentication service offered by various providers that allows for the use of only one set of credentials, usually a username and password, to access multiple applications securely. With the emergence of cloud computing and the accelerated use of software-as-a-service (SaaS), organizations are adopting the centralized authentication of SSO as an efficient way to provide risk-free access to multiple resources. Some of the main security benefits organizations have reported with the implementation of SSO are: Decrease in likelihood of password theft: One of the best security practices is to have strong and unique passwords for each account/app, but that can be difficult to manage on an organizational level. With SSO, users only need one strong passphrase, meaning they're more likely to remember it and less likely to store it carelessly. Prevention of shadow IT: Shadow IT is becoming more prevalent in cloud-centric environments. SSO allows for monitoring which apps are used by and permitted for users, thus preventing further shadow IT. Help with regulatory compliance: Common regulations such as HIPAA require effective authentication of users as well as automatic logoff for all accessed resources, which SSO effectively enables. Our choice: Okta SSO Okta was our first choice, as it's one of the as an SSO provider best for enterprise users. Known for its numerous integrations, Okta SSO provides different directory types and powerful and essential features that allows for easy implementation and a user-friendly interface. Okta is standard-compliant with the O-Auth 2.0 protocol that controls authorization of access to sensitive resources and is a certified OpenID Connect provider, a protocol built on the OAuth 2.0 that provides user authentication and SSO functionality. How to enable SSO in Securitytrails To enable SSO authentication in your account, simply contact us requesting to change your default authentication scheme (please note that as a requirement you'll need to previously setup an application inside your Okta organization and provide its client_id along with your designated Okta login's domain name). For a detailed procedure on how to set it up, please check our SSO documentation. After SSO is enabled on your account, you'll receive an email containing an invite link to begin the authentication process. The link in the email will then redirect you to a confirmation page to continue. After confirmation, you'll be presented with a login prompt, where you'll need to sign in with your SSO credentials to be authenticated. Once you enter your credentials, user authentication takes place against the chosen SSO provider—currently with Okta SSO. You're all set! For future SSO authentication usage you can validate your account by using a login link that's unique to your organization, which will be in the following format: This is just the start Implementing Okta is the first step in enabling SSO across Securitytrails and providing centralized authentication to our users. More authentication protocols will be rolled out in the future—stay tuned!

Estamos acostumbrados a loguearnos con las cuentas sociales... pero ¿y si queremos que nuestros WordPress sea el centro de datos de usuarios? El Single Sign-On nos da la solución.

Estamos acostumbrados a loguearnos con las cuentas sociales... pero ¿y si queremos que nuestros WordPress sea el centro de datos de usuarios? El Single Sign-On nos da la solución.

This episode, we define Single sign-on (SSO) solutions for identity management, and we're thrilled to get some help from a very special guest. Dr. Geoffrey Goodell is a senior research associate in the financial computing and analytics group at the department of computer science at University College London. Furthermore, Dr. Goodell is the lead researcher at the Peer Social Foundation, our non-profit partner focused on education, research and open-source initiatives aimed at decentralizing identity and access for people, business and government.What exactly is Single sign-on and why do people use it?

Brief Summary:Authentication has become a necessity in a digital world that's ever-increasing in complexity. What can you do to arm yourself against the constant threat of data breaches and hacks? In this episode Jason sits down with Aviad Mizrachi, CTO and Co-Founder of Frontegg, to give us valuable insight into how Authentication works, and how these help you become more defensible against attacks.This episode touches on the following key topics and ideas:00:00:24 Introduction00:01:10 Introducing Aviad Mizrachi00:04:36 The login00:06:32 The many intricacies of Authentication00:10:25 How are passwords sent to servers?00:11:26 Query param00:16:59 Multi-factor authorization (MFA)00:20:11 Time-based One-Time Password (TOTP)00:28:05 Single Sign-on (SSO) Cross-site scripting00:33:38 Ad: SignalWire, a next-gen video collaboration platform00:35:03 Session tokens00:36:36 Cross-site scripting (XSS)00:39:24 JSON web tokens (JWTs)00:41:24 Difference between session token and refresh token00:49:33 More about Frontegg, Aviad's company00:54:14 SQL injection attack00:56:11 Auditing and audit logs00:59:42 Authentication in mobile apps01:00:50 Frontegg hiring and intern opportunities01:05:22 Frontegg product offeringsResources mentioned in this episode:Tools Frontegg https://frontegg.com/ TypeScript https://www.typescriptlang.org/ Angular https://angular.io/guide/architecture Microsoft Identity and Access Management https://www.microsoft.com/en-ww/security/business/identity-access-management Google Identity https://developers.google.com/identity Okta https://www.okta.com/ Articles:How Twitter CEO Jack Dorsey's Account Was Hacked https://www.wired.com/story/jack-dorsey-twitter-hacked/ Our sponsor for this episode is SignalWirehttps://signalwire.com/You can reach Aviad on:LinkedIn | GitHubIf you've enjoyed this episode, you can listen to more on Programming Throwdown's website: https://www.programmingthrowdown.com/Reach out to us via email: programmingthrowdown@gmail.comYou can also follow Programming Throwdown on Facebook | Apple Podcasts | Spotify | Player.FM Join the discussion on our DiscordYou can also help support Programming Throwdown through our Patreon★ Support this podcast on Patreon ★

Josh and Kurt talk about what happens when you lose access to your Single Sign On provider. These providers have become critical to many of us, if we lose access to our SSO account we will lose access to many services. Show Notes Postbank

Katherine Druckman and Doc Searls talk to Bastian Purrer and Namik Muduroglu about Human ID, their open source anonymous single sign-on solution. Subscribe to our newsletter. (https://reality2cast.com/newsletter) Reality 2.0 around the web: Site/Blog/Newsletter (https://www.reality2cast.com) FaceBook (https://www.facebook.com/reality2cast) Twitter (https://twitter.com/reality2cast) YouTube (https://www.youtube.com/channel/UCdvdT3quikpi9sd5SxTGk3Q) Mastodon (https://linuxrocks.online/@reality2cast) Special Guests: Bastian Purrer and Namik Muduroglu.

This week, Matt Mosley and Kash Izadseta cover everything SSO. What is SSO, is it safe and what are the immediate technology limitation of the solution. Single Sign On Security and its Tech Limitations DoS Attacks SSO Links mentioned in this episode: https://www.linkedin.com/in/ben-dimick https://www.linkedin.com/in/mattmosley1 https://www.linkedin.com/in/kashizadseta http://tevoratalks.com Instagram, Twitter, Facebook: @TevoraTalks

In this week's episode, the Freight Guru goes over why he chose Okta as his single sign on and how it can completely change your business! Check out our other episodes for more useful information!Visit us for more: https://thefreightguru.io/Watch the full podcast on YouTube

In Episode #40 we talk about Storing and Processing EU Data in the EU, Azure NetApp Files availability, SAP Deployment Automation Framework, live sessions on Business Technology Platform and then Martin Räpple talks about Single Sign-On from a Teams Chatbot -- build with Power Virtual Agent -- to an SAP system using the on-prem data gateway. Blogpost: https://blogs.sap.com/2021/04/13/principal-propagation-in-a-multi-cloud-solution-between-microsoft-azure-and-sap-business-technology-platform-btp-part-iv-sso-with-a-power-virtual-agent-chatbot-and-on-premises-data-gateway/ More info on https://github.com/hobru/SAPonAzure

 In this webinar Stephan talks through all the steps needed to configure your Microsoft Teams Bot to use Single Sign on (SSO) by connecting it to Azure Active Directory. Support the show (https://www.selectedtech.show/)

The typical procedure many companies follow to reach production-level code is design the program, code and test it in different environments, and put it in a pipeline to deploy to production. Developers can make it pretty far into building their core features before inevitably breaking to include enterprise features and security standards like Single Sign The post WorkOS: Making Enterprise-Ready Apps with Michael Grinich appeared first on Software Engineering Daily.

The typical procedure many companies follow to reach production-level code is design the program, code and test it in different environments, and put it in a pipeline to deploy to production. Developers can make it pretty far into building their core features before inevitably breaking to include enterprise features and security standards like Single Sign

Adam Wood · Matthew 16:1–16 · March 14, 2021

In this episode Rick talks us through single sign on in Teams tabs.Support the show (https://www.selectedtech.show/)

This week on the podcast, Kyle shares some upcoming changes to psadmin_plus, testing strategies for PeopleTools Patches, and Dan discusses how SAML2 works for PeopleSoft Single Sign-On. Show Notes January 2021 CPU Patches @ 1:00 Upcoming psadmin_plus Improvements @ 13:30 PUBSUB Support Improve Multi-CFG_HOME Support Ignore invalid domains SSO with SAML and Appsian@ 22:00

Es gibt viele Dinge, die sich die SAP Basis oder die SAP Security wünschen könnte. Aber dieses Jahr steht Single Sign-On mal nicht ganz oben auf dem Wunschzettel. Meine vollkommen subjektiven Empfehlungen.

COMPTIA A+ Terminology made easy for you !

This week, Adam and Andy go over why you should think about using an Identity Provider (IDP) to onboard your SaaS apps to use SSO. They also talk about why it's really important to think about what IDP to go with prior to making a decision. Finally, they talk about SSPR and why it's important to implement this feature in your organization. Documentation: Azure AD SSO options Enable Azure SSPR Enable Okta SSPR Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ --- Send in a voice message: https://anchor.fm/blue-security-podcast/message

La comodità di una sola password può attrarre. Il single sign-on, ovvero la possibilità di accedere ai propri account usando la login di Facebook, Google o altro big tech dà questa possibilitàCi sono però tanti elementi da considerare.Se vuoi conoscerli ti invito ad ascoltare questo episodio e poi commentare.

In today’s modern enterprise, where traditional security boundaries have all but disappeared, Identity has become the new security perimeter. In this episode, CyberArk Identity Security expert Corey Williams will explore the concept identity security and its key elements, including Privileged Access Management, Multi-factor Authentication, Single Sign-on, and innovations in machine learning and AI - that are powering Identity Security today. Corey will also explore the Identity Security technology landscape and the evolution of Identity, focusing on Identity Security as an enablement tool in the age of remote work arrangements, growing cloud adoption, and everything mobile.   This segment is sponsored by CyberArk. Visit https://securityweekly.com/cyberark to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw198

In today’s modern enterprise, where traditional security boundaries have all but disappeared, Identity has become the new security perimeter. In this episode, CyberArk Identity Security expert Corey Williams will explore the concept identity security and its key elements, including Privileged Access Management, Multi-factor Authentication, Single Sign-on, and innovations in machine learning and AI - that are powering Identity Security today. Corey will also explore the Identity Security technology landscape and the evolution of Identity, focusing on Identity Security as an enablement tool in the age of remote work arrangements, growing cloud adoption, and everything mobile.   This segment is sponsored by CyberArk. Visit https://securityweekly.com/cyberark to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw198

最新情報を "ながら" でキャッチアップ！ ラジオ感覚放送 「毎日AWS！」 おはようございます、サーバーワークスの加藤です。 今日は 9/2 に出たアップデート2件をご紹介。 感想は Twitter にて「#サバワ」をつけて投稿してください！ ■ UPDATE ラインナップ AWS Single Sing-On が東京を含む3つのアジア太平洋リージョンで利用可能に AWS のコストと使用状況レポートで月ごとの集計機能が提供されるように ■ サーバーワークスSNS Twitter / Facebook ■ サーバーワークスブログ サーバーワークスエンジニアブログ

SameSite Cookie Lax is interesting and we are finding new exceptions everyday. Let us discuss this one where lax cookies will be sent on POST request as long as the cookies are fresh (2 minutes) Resources https://www.chromestatus.com/feature/5088147346030592 --- Send in a voice message: https://anchor.fm/hnasr/message

Are you panicked because you have some Pardont-only users and have heard about the upcoming Spring ‘21 release? By that time next year, users will only be able to login into Pardot using Salesforce credentials with Single Sign-On.You may be thinking, does this mean I have to get full Salesforce licenses for all of my Pardot users? What if I have a group of partners/vendors that I don’t want to give access to my Salesforce to? What kind of costs will this incur? How does this affect my API Integrations?Jennifer Lynn Schneider answers all of these questions and provides some starting bullet points to advocate for getting your marketing and sales operations on one platform, with this QuickTip. TakeawaysCertain Salesforce editions already have Identity Licenses included, which is why it is important to get aligned with your Salesforce Administrator and understand what is possible right now, for your Pardot-only users.Keep in mind that Identity Licenses only allow access to pi.pardot.com and do not provide Lightning access.#1 Benefit of Marketing and Sales on one platform: All marketing and campaign engagement is available to see on the lead and contact records, allowing marketing and sales to look at the same information, in real time, and collaborate.#2 Benefit of Marketing and Sales on one platform: Sales has more valuable information. They are able to understand what marketing campaigns the lead or contact has been engaging with and can use this in their sales conversations to provide a consistent experience with your brand and speak to what interests the buyer the most.#3 Benefit of Marketing and Sales on one platform: Marketing can now have greater insights to the full sales process, creating meaningful content for each stage of the sales cycle.#4  Benefit of Marketing and Sales on one platform: Including website lead and contact engagement shows the sales and executive teams the large contribution ROI your website is providing in the sales cycle.#5  Benefit of Marketing and Sales on one platform: Reporting on one platform. Useful Links: Pardot User Migration Overview: https://help.salesforce.com/articleView?id=000353746&language=en_US&type=1&mode=1Pardot User Migration FAQ:https://help.salesforce.com/articleView?id=000353870&type=1&mode=1Map Users Manually: https://help.salesforce.com/articleView?id=pardot_sf_connector_setup_connect_users_manually_parent.htm&type=5Set Up SSO for Salesforce and Pardot: https://help.salesforce.com/articleView?id=pardot_sf_connector_setup_sso.htm&type=5 Social#TrailblazerTalk#Ohana#Martech#marketingoperations#marketingadmins#PardotLifeHackers Ways to Tune IniTunes - https://podcasts.apple.com/us/podcast/pardot-life-hacks/id1476702195Spotify - https://podcasters.spotify.com/podcast/3gTNQj4WnIPN0awdA8QpanStitcher - https://www.stitcher.com/podcast/cheshire-impact/pardot-life-hacks?refid=stpriHeart Radio - https://www.iheart.com/podcast/269-pardot-life-hacks-48758528/Google Play - https://playmusic.app.goo.gl/?ibi=com.google.PlayMusic&isi=691797987&ius=googleplaymusic&apn=com.google.android.music&link=https://play.google.com/music/m/Izjdvuefegnmrmlradp2l7rnqvm?t%3DPardot_Life_Hacks%26pcampaignid%3DMKT-na-all-co-pr-mu-pod-16YouTube - https://youtu.be/_PNVdmNepo8

Episode # 77 - Scorpions Klaus Meine promotes New Single "Sign of Hope" and much more!

- O que é Data Leak - Aplication Security - Seu código roda como DEUS no APEX - Field Level Security - WITH SHARING vs WITHOUT SHARING - WITH SECURITY ENFORCED - Evite QueryString - Salesforce CheckMark (Reveja a live #229) - Reveja o Release Notes, um bom lugar para entender sobre as novas segurança de dados - ORG Security - Restrição de IP - VPN - Two Factor Authentication - Algo que você sabe (Seu logi ne senha) - Algo que só você tem (Acesso ao celular ou ao Email) - Autenticação somente utilizando My Domain - Autenticação utilizando Single Sign on - IP restrition afeta Mobile experience - Esteja na empresa para a primeira autenticação - Utilize uma VPN - Bloqueie OAuth Authentication - Event monitoring Transaction Security Policies - Desabilitar uso de API - Sandbox utilizando Data Mask - https://help.salesforce.com/articleView?id=data_mask_overview.htm&type=5 - Backup dos seus dados (Dados e Metadados - Controle de Versão) - https://help.salesforce.com/articleView?id=admin_exportdata.htm&type=5 - Org Security Helth Check - https://help.salesforce.com/articleView?id=security_health_check.htm&type=5 - Aprofunde-se mais aqui - https://trailhead.salesforce.com/en/content/learn/modules/data-leak-prevention - https://trailhead.salesforce.com/en/content/learn/modules/security_basics - https://trailhead.salesforce.com/content/learn/modules/data_security Acompanhe as live de segunda a sexta às 21:41 em https://youtube.com/souforce Siga-nos no Instagram @iFernandoSousa & @Anellinv & @souforce Blog: https://souforce.cloud Cursos: https://cursos.souforce.cloud Podcast: https://souforce.cloud/podcast Telegram: https://t.me/souforce

Zwei Seelen schlagen in der Brust von Karl Ott. Einerseits kennt der Geschäftsführer der Digitalagentur ReachAd die Möglichkeiten, Nutzerdaten über Tracking-Cookies zu erfassen, und der Experte für Performance-Marketing weiß dies zu schätzen. Andererseits stört es ihn, wenn beim Ausspionieren der Nutzer Dinge wie Datenschutz und Privatsphäre völlig außen vor bleiben. In der aktuellen Episode unseres Podcasts "Touch Point" sprechen wir mit Karl Ott über den Nutzen und die Gefahren von Single-Sign-on-Lösungen, über den Normen- und Rechtswirrwarr beim Umgang mit Nutzerdaten und über ein grundsätzliches Missverständnis zwischen Werbern und Internet-Nutzern.

Walpurgisnacht; Brachiograph (Matthias' Plotter); Bosch Gluey Heißklebestift; Retropie; 8bitdo SN30 Gamepads; Broforce Plattformspiel; Studio Link "Headset-Echo-Problem"; GitLab; Gitea; Jitsi und Firefox; Google Meet; Firefox Developer Edition; Svelte; Chrome Debugging für CSS Grid kommt; Single Sign-on und Identity Provider Keycloak; Chrome Dinosaur Game Hack; Jekyll-Octopod findet immer mehr Verwendung; Logbuch:Freiheit; Neue Wiener Linien Echtzeitdaten; Monitore; Quake3-Arena-Server; TowerFall Ascension Gäste: Stefan und Ulrich

This week we discuss a TikTok flaw, why sextortion scammers are rearing their heads again and whether single sign-on is better than having loads of different passwords. Host Anna Brading is joined by Sophos experts Mark Stockey, Paul Ducklin and Producer Alice Duckett. Listen now! Related articles: https://nakedsecurity.sophos.com/tiktok-users-beware-hackers-could-swap-your-videos-with-their-own https://nakedsecurity.sophos.com/sextortion-emails-and-porn-scams-are-back-dont-let-them-scare-you Find out Mark's new method of authentication by listening to last week's episode: https://soundcloud.com/sophossecurity/s2-ep34-can-you-trust-hackers-on-how-not-to-get-hacked Duck's anti-sextortion video to share with your friends and family: https://www.youtube.com/watch?v=veY0WzoubQw

Single Sign-On-Angebote (SSO) werden in Zeiten von ePrivacy-Verordnung und zunehmenden Cookie-Hinweisen immer wichtiger. Warum ist das Thema SSO so aktuell und was bedeuten die Entwicklungen für Nutzer und Werbungtreibende? Darüber sprechen wir mit Sven Bornemann von NetID.

Paul talks with Loki Meyburg (@LokiMeyburg), a PM with Microsoft leading the Tabs experience in Microsoft Teams. Loki provides a deep-dive into single sign-on for Tabs and talks about other favorite features in Teams. Links from the show: https://aka.ms/teamsdevdocs Microsoft Teams developer community call-February 2020 Add authentication to your tabs: Silent authentication Add authentication to your tabs: Single Sign-On Manage app setup policies in Microsoft Teams

This week on the podcast, we talk about switching to DuckDuckGo for searching and Kyle finds the Windows Clipboard History feature. Then Dan shares his discovery of the IB Automated Integration Tester and Kyle talks about Single Sign Out with multiple environments. Show Notes psadmin.conf 2020 @ 1:30 Windows Clipboard History @ 4:30 DuckDuckGo Traffic @ 11:00 Firefox Containers IB Automated Integration Testing @ 16:30 Single Sign Out @ 24:30

Uno de los grandes retos que enfrentan los administradores de IT es el manejo de perfiles de usuario y contraseñas. El "Inicio de Sesión Único" o Single Sign-On, habilita a un usuario determinado para acceder a varios sistemas con una sola instancia de identificación. Hoy en UnholsterLabs vamos a conversar sobre sus ventajas y desafíos.  Participan Sebastián Acuña, director de Tecnología, Andrés Villavicencio, director de Operaciones, Carla Espinoza, periodista y Constanza Escobar, desarrolladora de Unholster.

Joe outlines online threats from social media. Dave shares a story of scammers try to scare a community into purchasing security products. The catch of the day features a promise of riches from Facebook's Mark Zuckerberg. Our guest is Yaser Masoudnia from LastPass who addresses listener questions about Single Sign On. Links to stories: https://info.phishlabs.com/blog/how-social-media-is-abused-for-phishing-attacks http://www.pressandguide.com/news/police_fire/email-scam-trying-to-convince-dearborn-residents-crime-is-up/article_249b1f2c-cb34-11e9-a5b0-cf725769167a.html Thanks to our show sponsor KnowBe4.

The true life of an entrepreneur! From backgrounds to beards, change is in the air for both Ben and Derrick. Ben is a 36-year-old man who is back living with his parents temporarily to save some cash. Ben considered himself a minimalist, until he realized just how much stuff he had to move. So, he hired movers. Derrick describes the importance of documenting lessons learned and accumulating knowledge. As a result, he got his first paying customer for StaticKit. A meager $10 in revenue is greater than zero. Today’s Topics Include: Tuple: All for One, or One for All? Ben seeks advice on whether to make significant changes to app to satisfy single prospect that requires single sign-on (SSO) support Authentication and Security Schemes: Increasing scope intimidates and impacts legacy engineering decisions Big Decisions equal Big Bucks: Good but challenging problem to have in business Free to paid options for Derrick’s StaticKit turns into inflexible data model Got one, get more: Freemium customer converts to first StaticKit paid subscriber Derrick’s Next Step with StaticKit: Default state of being sustainable and breaking even on personal expenses Solo Founder: Tricky to find good fit of founder to do everything and grow quickly Keep Shipping Away: Set weekly goals to achieve and celebrate wins Links and resources: Art of Product on Twitter (https://twitter.com/artofproductpod) Derrick Reimer (http://www.derrickreimer.com) Website Derrick Reimer on Twitter (https://twitter.com/derrickreimer) Ben Orenstein (http://www.benorenstein.com/) Website Ben Orenstein on Twitter (https://twitter.com/r00k?lang=en) Tuple (https://tuple.app/) Tuple’s Pair Programming Guide (https://tuple.app/pair-programming-guide) StaticKit (https://www.statickit.com/) Level (https://level.app/) G Suite (https://gsuite.google.com) Security Assertion Markup Language (SAML) (https://searchsecurity.techtarget.com) Basecamp Shape Up (https://basecamp.com/shapeup) Thoughtbot (https://thoughtbot.com) RubyGems (https://rubygems.org) Ruby on Rails (https://rubyonrails.org) Drip (https://www.drip.com/) Stripe (https://stripe.com) React (https://reactjs.org)

  Republicans and Democrats are getting together to save the news industry, listen in to find out more Walmart is going head to head with Amazon on food delivery. Who will win the security login battle Single sign-on versus 2F-A I am planning a Security Summer for my listeners.  I will have some free courses.  I will also introduce you to some of the software that I use for my clients and how you can use it too.  Also, I have some limited opportunities for businesses who have had enough with their security issues to work with me and my team and put their security problems to rest once and for all.   So watch out for announcements on those. For more tech tips, news, and updates visit - CraigPeterson.com --- Transcript:  Below is a rush transcript of this segment; it might contain errors. Airing date: 06/22/2019 Republicans and Democrats are getting together to save the news industry, Walmart is competing with Amazon on food delivery, and Single sign-on versus 2F-A. ---- Hello, everybody, Craig Petersson, here. We have another jam-packed show for today. We are going to discuss some of the technology that's affecting our lives, including, of course, some security stuff just some amazing things. Did any of you catch the tweeted story from Samsung this week? Well if you did, you got it before they deleted the tweet. We're going to talk about today. Hey, if you have a Samsung SmartTV, you're going to want to hear this. We've got Google trying to go after Apple but in the end praising them for what they are doing in the same competitive arena. That's going to open up a whole topic of discussion on two-factor authentication and single sign on's. I'm going to go through it and explain it to you today. We will talk about the difference between software and hardware tokens, Google Authenticator, some of the other competitors out there so that you can understand what's going on and what it's all about. It is an important topic everybody needs to understand. I also came across another article this week that had an interesting take on our First Amendment and the state of affairs in Washington DC and the Republicans and Democrats. It appears they are having a harder and harder time getting along much these days. However, it looks like there is a bill moving through Congress that is going to affect you the way you use Google, your Facebook account, and even the news in your local town. We'll delve into what that is all about. I have to tell you about this little bracelet, called the Pavlock. Deep fakes are in the news again. Here's another big thing, too. I should do some little small webinars on these. But man, it might be time to switch to a privacy browser. We'll to spend a bit of time talking about those today. I'm going through the clock in my head thinking man, and we are not going to have time to do all of this. Oh, and Walmart, we have to talk about this. Absolutely. Let's talk about it right. By now you know that we have some, just Goliath, some behemoth companies that are out there. That includes retail giants like Walmart and Target who've been fighting with each other over market share, of course, for a long time. If you know anything about marketing and color choice, you know, you always choose the opposite color. Did you know that they make whole color wheels specifically for figuring out the exact contrasting color of your competition? If your competitors' logo color is blue, then you use red. The other two colors that used are yellow and green. It's interesting to look at that, and I found that analysis quite interesting. Anyway, we have these two big competitors, Target is Red, and Walmart is Blue. Doesn't that go against the whole red-state blue-state thing based on shoppers? Both, of course, have added online stores. If you think about another large company, who could have owned the online business world had they made different decisions it would have been Sears Roebuck. Think about it. Sears had a vast catalog and distribution business that had been successful for 100 years plus before Amazon was even an idea. Amazon kind of nailed retailers, including Sears. Now Amazon Prime with their purchase of Whole Foods and their online service from Amazon is starting to eat the lunch of both Target and Walmart. So both of them are fighting back. Walmart's now taking aim at Targets product called shipped, spelled shIPT. They are providing for it looks like it's going to be $98 per year for unlimited delivery service. Right now they have a service that is ten bucks or $9.98 or something to have all your stuff delivered to you if you go to one of their stores that offers grocery pickup. Right now, it is available in about 2500 Walmart stores, and you can go and pick up your order for free. However, what a convenience this is going to be. Right now it's only being offered in a few markets, Houston, Miami, Salt Lake City and in Tampa. The pricing may change, well, probably will change. Target just lowered the pricing of their InstaCart shIPT, as well. We'll see how this all goes but unlimited delivery of your groceries. Wow!. You might have seen on the news that they are proposing that their delivery people will wear a camera can go right into the home and stock your fridge. However, for those of you that are crazy busy and don't even have time to swing by Walmart or Target to pick up groceries, Walmart anyways is going to put them right into your refrigerator. You can watch them on your computer or smartphone as they're in your home. I find that a little bit nerve-wracking. But you know, I'm nervous. Let's think back a little bit. We were house shopping some years ago. And we were looking at homes in downtown Nashua, which is down in Southern New Hampshire in about the center of the state. We looked at some beautiful old houses, and you know, they don't make them like that anymore. I course you know I went into the basements and up into the attics, I want to see what are the beams like and how's it been held together. We looked at one home that had the logs, yes full old trees that were holding the floors up and some of the floors were warped because of that they were just so old. These homes were a few hundred years old. But these homes in Nashua were very well built. Some of the beams in them were 6x8, and some were even bigger than that. It was of course, very dry wood because it was over 100 years old, just beautiful. But one of the things they had in them was a butler's pantry with an outside entrance where the ice delivery guy put the ice. They didn't have to enter your home. He could open a little door that opened right into the back of your refrigerator. Do you remember those? I know, of course, you never really used them, unless you're one of my very much older audience. But the refrigerator would have a block of ice at the top. And of course, the cold air would come down from the ice and keep the stuff in your icebox cooler. They had direct access into the icebox from outside. Why don't we do that? I am sure someone can come up with a refrigerator, or you know a locked butler's pantry, or something so that Walmart or another third party can enter that part of the home or at least gain access to the fridge without having full access to the house. I think that's just a great idea. We've seen them already, Amazon and others doing deliveries into a garage. I know many homes have an entrance at the front, particularly when you get further north, up in Canada. There they are a popular solution to keep the cold air from filling your home as you you're come in from the cold outside. It is a place that you can take off your big heavy boots and everything else. It's only partially heated. And then you can go into the house and then take off your coat and everything else, you know, something like that, wouldn't that be great? A place, like that, you could give access to these delivery people. With Walmart, you're must buy their $200 door lock that you put on your front door that allows them to gain access to the house. How about if they only had access to a pantry? What a great new design concept? Flashback 150 years, I think that's kind of cool. For $98 a year, I might seriously consider signing up for this and see how it goes. You know, Whole Paycheck. I mean, Whole Foods might not be the best ones to have your weekly grocery delivery from unless you have a small family and a lot of income, then why not? All right, that I think that might make some sense. Before we get into our big topics, let's go through a couple more real kind of quick ones. What is happening in Congress? Here is an article I found out in the Salt Lake Tribune, an opinion piece. It was talking about the News Media Alliance. Now, this is an alliance that represents some 2000 news publishers, mostly local newspapers, but also has some national papers, including the Washington Post, and also includes some digital-only news site. What the news media alliances been saying is, "Hey, listen, look at the newspaper industry." Have you guys seen the stats on this? It is crazy how many newspapers have gone out of business in the last ten years. According to Pew Research, newsrooms have lost nearly half of their staffs in the last ten years, and since 2004, so the last 15 ish years, the US has lost about 1800 newspapers, and that's mainly weekly papers, these weeklies tended to be our local papers. In the town I live in, we used to have a few local newspapers, there were at least two. There's one that was focused in on coupons and another one that was focused in on local news. Nowadays, people are going to the Patch, which is a local/national effort. I think it was Yahoo that started the Patch and you might want to check it out. But this organization of these smaller newspapers and a few larger ones, are saying, things are tough right now. Look at what Apple just did. Apple put in place a brand new system that allowed papers to consolidate. So for ten bucks a month, you had access to newspapers, that are part of Apple news, I signed up for it, on a trial basis, to see what I thought and I was disappointed myself. There was hardly any news included. It was some magazines primarily. And most of the time, I don't care about magazines. I once in a while will look at Architectural Digest, looking at these homes and beautiful designs. But other than that, I had no interest. I'm not a sports guy at all, so I don't care about sports magazines. I don't care about the glamour stuff. I'm kind of as you know, a techie guy, so I didn't like it. I initially thought it would be great because heck, I do subscribe to a couple of newspapers and I do that for one reason I need to stay informed, right? Every week I prepare to talk to you guys, and I'm trying to find some of the best tech articles out there just like this one I found in The Salt Lake Tribune talking about a long tail, a weird little newspaper, at least if you don't live in Utah, or Salt Lake. I do a little bit of that. I thought, Man, this might be a boon for the newspapers because they might get 50 cents or a buck out of Apple, at least, if I spend a lot of time reading the newspaper. I don't know how it is all set up or how the Apple payment works. However, what these guys are trying to do with the News Media Alliance, are petitioning Congress to provide them with an exemption. Now, you know, I am not fond of the antitrust laws. I think, you know, by now that I'm somewhat Libertarian. I sit in the middle of most of these arguments. However, I don't think we should bail out big businesses that go bad. When they fail, when GM fails, or Chrysler fails, we should let the free market take care of it. We should let them fail. It sucks at all these people are going to lose jobs and pensions and everything else. But it should be a cautionary thing to them. They should be looking at that and saying hey, listen it is probably not a wise decision to acquire this other company because we are not going to get the bailout at the end of all of us if things go sour. That's where I'm coming from, and you may agree or disagree with me. What is happening right now is we've got Senator Kennedy out of Louisiana. He is a staunch Republican, and he's very conservative like-minded, in a lot of ways with me. And he is getting together with someone that I don't agree with very often. And that is Senator Klobuchar of Minnesota. She's running for the Democratic presidential nomination right now. Senators Kennedy and Senator Klobuchar have gotten together, and they put together a bill in the Senate. And there's also a house version, co-sponsored by Georgia, Republican Collins and Rhode Island Democrat Cicilline. What they're doing is they're saying, Hey, listen, let's give newspapers a four-year antitrust exemption. They've got safe harbor, that way they can get together and figure out how news content and advertising can be equitably divided. My thinking is, maybe these newspapers can put together a little Alliance of their own, you know, for maybe 20 bucks a month or something or perhaps only 10. All of these newspapers, and remember it is 2000 news publishers, you can gain access to their publications. Even if I wanted to subscribe to all of these papers, it's too much of a hassle for me to subscribe to them all. Additionally, for me, I worry about them all having my credit card because they many won't use PayPal, many of them won't use Apple Pay because they don't want to pay the Apple tax. So you can't subscribe through the Apple Store. That means that I now have to keep tabs of 20 newspapers, subscriptions, and each one has my credit card information. That means I have to watch to make sure they're do not get hacked. If they get hacked, I need to try and get my data back and remember to go and give them the new credit card numbers after I cancel the credit card the one they had got breached. I'm glad to see Republicans and Democrats getting together. Obviously, some Democrats are against it, and some Republicans are against it, and others are for it, and everything else. It is not a universal thing. I think that we have to protect our newspapers are our media is our first line of defense against some of the government corruption that inevitably happens. Unfortunately, most of these news media outlets nowadays tend to be very partisan, right? They won't say anything negative about their guy or their gal, right. However, they will rip on every small little detail about the other guy. It bothers me. It is of benefit to the publisher because they have some income and don't have to cater to their demographic quite as much as they might have had to before. Plus, it exposes people to more points of view. I think it's an absolute win. No question about that. No question at all. If you go to my website at Craig Peterson dot come, you'll see that my wife and I worked on quite a big article on two-factor authentication, single sign-on, again, that's at Craig Peterson dot com. We had a little bit above this last week, where we talked about Apple and Apple's new sign in option you've probably used, or at least you've seen this option on many, many of the websites that sign in as Google are using your Google login or your Facebook login. It ties into our last article about Google and Facebook sucking profits away from these newspapers and putting it together. How does it tie in? Well, it ties in because of my concern about the number of logins, hundreds, right? If I sign up to hundreds of newspapers, I would rather have one sign in option. I'd rather have one payment for everybody. I like a consume as I much as want a type of methodology. It's just like these streaming audio services. Did you sign up for Apple Music? I've done it. Do sign up for amazon music? Do you sign up for Spotify, which I've never done it all, but a lot of people have. Spotify is very popular with older people. Or do you sign up for Pandora, which I've also done? I like Pandora think they have some of the best algorithms out there. Which service is the best for you to sign up? How do you sign up? Well, having this single sign-on can be useful. However, the big question is, do you trust Google and Apple. We've talked about some of the problems with the two-factor authentication, especially when it comes to using your cell phone. That's where they send you a verification text to type. They text a code that you type into the website, and a lot of sites will do that. Okay, well what happens if you are a specific target? If they've narrowed you down, if you are the CEO of a decent company, you could be a particular target and not just a part of the wide net that some phishing scammer out there might be using. It's dangerous because if the bad guy has your phone number, the text comes to him. Well, we're not going to get into that right now. But what I want to do is talk about the single sign-on a little bit more two-factor authentication, Apple's new single sign-on where you will be able to log in using your Apple ID, I think right now is probably the preferred way to do it. Or at least it will be the favorite way to do it. It's not out quite out yet. Apple, remember, they make their money not by selling your information, not by selling your data which is how both Facebook and Google make their money by and by the way, I don't think that's a bad thing. Okay, don't get me wrong you need to understand all the trade-offs. Apple tries to have privacy in mind. I love that. And that's part of the reason I've been supporting Apple more recently, although I've disagreed with things that Apple's done. I've disagreed with things everybody's done, right. That's what you get for being a little bit in the middle of the road here. But let's explain what's going on. Those are all called single sign-on's. And that's where you can use your one ID, which would be your Apple ID, your Google ID or your Facebook ID to sign into these websites. And that can be a good thing for a lot of people. Because now you only have to remember the one complicated password as opposed to a whole bunch of them. You know, I prefer to use a bunch of different passwords, different email addresses everything as that's more secure. But the Apple's Single Sign On is going to be a win for a lot of people. Now, let's talk to you guys and gals who are in more of a security, conscious space. If you're just a home user, maybe you're a little bit older, and things get confusing, it's hard to track stuff, you're going to want to use that Apple single sign on when it's available. However, If you are a business professional and you own a business, you are in accounting or finance or human resources, or maybe security, you're going to need to do things differently. You're going to want to use a suitable type of two-factor authentication. There are two types, software, and hardware. You know already that I prefer One password for my password management and to generate all my passwords. Well, it has an authenticator built into it, which I use whenever possible. Google has a free one available, as well called Google Authenticator. Here's how that works. When you go to a website, and you sign up for the two-factor authentication using one of these authenticators, what's going to happen is that you are going to be presented with it a little QR code that you can scan with your device. That means that when you go into your device, Google Authenticator, for instance, you scan the little QR code that the website is giving you for the authenticator, you do it with one password. Now your smartphone using the authenticator can generate a code that's going to be unique, and it changes every 30 seconds. Now what happens is, when you go to go back to that website to login, you're going to give your username, give you your password, which is something you know, along with something you have. Then it's going to ask you for the authenticator code. You can copy it directly, you can type it in, or you look it up on your Google Authenticator app or in one password, and bam, Oh, there you go. You are now logged in. That is the most reasonably secure way to login, use one of these authenticator apps, use it on a site that allows you to use an authenticator. The next level above that, which is what we use in my business, because we do security work, right? We help businesses manage their security. We do security, not just gap analysis, but effectiveness gap analysis for companies, and we help them keep track of it. What should you be doing? You know, we have the newsletters and things for business owners for sea level people aimed directly at them, right so that we're not just boring them with stuff. It is the stuff that your smart uncle doesn't know. But you need to know as a C-level person in a business, Right? We're at that level, and we use some unique hardware tokens. You've seen probably some of these before RSA has their secure ID, and DUO, company we've been using for a couple of years now has theirs. And these are little things that might go on your key chain, and they're showing this number, the changes every 30 seconds. Sound familiar? That's like the authenticator. I think that's all great. And then there are hardware tokens. These tokens go into your computer. They are things like the Yubikey, the Titan, which has had an issue recently. We use these hardware tokens. We have to put those into our machine to be able to use it. We have to enter the right passwords and things. Then and only then can we log in. So there you go, there's a quick rundown of what you might want to use to increase your security. If you're a home user, when it's available, start using the Apple single sign-on or start using the Facebook or Google login, Google is probably the safer way to go because you are less likely to have your information stolen. The Facebook one is the one I trust the least. If you are a subtle need of slightly higher security, maybe you've got some retirement money, some investment money, you're going to want to use one of these authenticators like Google Authenticator. If you are like me, you're going to use something like one password, which is a little bit better, right? Because one password has it all in a single place and has your passwords and generators everything. Ultimately you have the specific hardware tokens that plug into your USB port, or they also connect via Bluetooth to your devices. If you want me to put together a little course on this, let me know, and I'll be glad to do that. A class that can show you how this all works and gives you some links and, and also some little video of how to do it, how to use it. I'll be glad to do that. I've got to mention this one here, by the way, we've got our security summer coming up here in starting in July. And this is going to be some in-depth training about the significant back to essential points that you've been missing. Right, this is going to be a brass tacks course. We will be getting down to the brass tacks. So make sure you keep an eye out for an email from me about it. By the way, we got a new signup form at the top of the website pages Yay, finally got it all working at Craig Peterson.com, you will see it up there. But there's a lot to cover. And these are going to be 10 to 15 minute short segments that you can watch, and it's going to be kind of a summit format. I want everybody to get this. There's no charge, absolutely free to attend and free to watch all of these. You can ask questions during them because I want to get everybody up to the right level. I really want everybody to understand the brass tacks. So keep an eye out for that. We are getting down to the last articles for today. Alright. Go right now to Craig Peterson dot com, you'll see right at the top of it should be on every page. Now, a little thing that will come up that gives you the option to provide me with your name and email. And I'll sign into my weekly newsletter, which has the security tips and will also tell you about the security summit this summer. There was a Tweet from Samsung, then they deleted their tweet, but they had little tweet this past week that The Verge is quoting will prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks. Well, there you go. Samsung, at least for a few minutes, acknowledged that their TVs, like every other smart TV out there, is vulnerable to hacks. So here's my advice to everybody. If you have a smart TV, I turn off all of the Smart TV functions, everything, turn off the microphone, turn off the ability to run Roku or Plex or whatever you're trying to run on it, turn it off. Then I use a standalone device. Now I do use an external Roku for one of my TVs. The problem is that over time support for the software that's in your TV will not be available anymore. My absolute preferred platform if you can, and this is from a security standpoint, is the Apple TV. I have the Apple TV for my main TV. I say get the Apple TV, but I don't make any money for this recommendation. Apple isn't a sponsor, and they don't pay me anything and never have, Right. I was on their advisory board for three years, and they never paid me a dime, right. I am telling you this because I think it's essential that you have an external device and one that can get regular hardware and software updates. It won't have a microphone built-in. It won't come with all the security problems. You might remember, WikiLeaks revealed the CIA had developed a piece of software called Weeping Angel. And that turned Samsung Smart TVs into listening devices okay. Then less than a month later, later, security researchers found 40 unpatched vulnerabilities on Samsung Smart TV operating system. Be careful and remember these are TV manufacturers, not security experts, people. Stick with those who make smart devices for the TV stick with an external Roku or maybe an Amazon fire or my recommendation, get an Apple TV, turn everything off inside your TV and use that external device. We're out of time. That's it for today. Visit me online Craig Peterson dot com. Make sure you sign up for the updates so you can keep up with what's going on and you can be part of my security summer summit. Take care, everybody. Bye-bye.   ---  Related articles: Deep Fakes Are No Laughing Matter Shock Away Those Bad Habits When Your Vendors Become A Cyber Liability Smart TVs Need Help Too First Amendment Under Surprise Attack Newest Browsers Are All About Your Privacy The Up and Coming Alternative To Grocery Shopping ---  More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

Craig is in the WGAN Morning News with Ken and Matt. This morning,  we touched on a whole bunch of topics in the news. We discussed Apple's newly announced single sign-on and what they are doing that makes it different.  We delved into DNA testing and some of the legal implications that are currently in the news. We talked about the NSA and the unprecedented step they took to warn everyone about the latest Microsoft vulnerability and why we must take it seriously.  I gave  Ken, a tongue-in-cheek explanation as to how he could fix the problems he is experiencing with his MacBook Pro keyboard.   These and more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: CEOs and Business Owners Aren't Taking CyberSecurity Seriously - And Are Facing Huge Penalties Week After Week Vulnerability After Vulnerability   Multiple Logins The Bane of Modern Online Life Technology and Database have Murderers and Rapists Crying Foul --- Transcript: Below is a rush transcript of this segment, it might contain errors. Airing date: 06/19/2019 Apple keyboard Issues, Legal implications of DNA databases, Apple's new Single Sign-on, NSA Warnings on latest Microsoft vulnerabilities, --- Craig Peterson Hey, good morning, everybody. Craig Peterson, here. This morning, I got to talk with Ken and Matt a little bit. We discussed Ken's problem with his Apple keyboard, and I gave him a couple of solutions. His MacBook Pro. We reminisced a bit of a few things today, in fact, even with Matt. We did finally get to talk about some of the security problems that are out there., right now, There are some things you might want to be sure to give serious attention. We also went into some depth on Apple's new service that even Google is praising and is going to be a major competitor of theirs, right there in the same arena. So here we go with Ken and Matt. Matt Gagnon It is 738 on a Wednesday morning, which means it is time to talk to Craig Peterson who joins us now. Craig, how are you this morning? Craig Peterson Hey, it is, he does, and I'm doing well this morning. Matt Gagon Welcome back to the program. Ken Altshuler Craig my keyboard on my MacBook Pro keyboard keeps falling off. I am getting quite irritated. I'm going to bring it back, and they're going to have to send it to get fixed with a whole new keyboard. I'm not getting my computer back for a week. It has got to stop this insanity. It's got to stop. Craig Peterson Ken such a first world problem. Apple has, I think they still do, have a program for businesses, they had a program you would pay them a few hundred bucks per year. And they would give you loners and everything else if your machine had a problem. Ken Altshuler That is okay I could use Dropbox, and I could probably access it remotely. But you see Craig, nobody uses Word Perfect but me, anymore. Craig Peterson I was about to say that. Yeah, I'm glad you said it. Not me. No word perfect. There are still some lawyers out there that do that. Ken Altshuler It's the greatest ever made. Why would anybody use MS Word, it just sucks? Craig Peterson Well, I yeah, I was a big fan of WordStar to Ken Altshuler I used WordStar, too. Craig Peterson Yeah, I used to like that a lot. Then WordPerfect came along was perfect for attorneys. A lot of attorneys adopted it. Then I moved into Emacs. But I'm a geek. And it's not really for text editing. And I've used some others like TeX and LaTeX and Roff, and man all kinds of different typesetting tools and stuff over the years. I get you like that WordPerfect for your work again. Well, back to your keyboard. You've got that first generation of Apple's butterfly keyboard. Ken Altshuler That's correct. They'd said that they are not on the fourth version of it. Craig Peterson Yeah, they keep making changes to try and fit. What they did is they that they designed it so it would be small and light and narrow. They keep making this thing smaller. My son has one of these, and I think it's a second or third generation of a butterfly keyboard. I tried it, and I don't like it. I didn't feel of it. Right. But there's a certain point where they have to cut their losses. You know I learned on mechanical typewriters, right. 100%. Mechanical. Then a teletype, TTY 33. Back in the day. I liked the motion. I enjoy the click-clack, and it's big deep motion. I don't know, I think it's these kids, it's Matt's generation. Ken Altshuler It is magic. Matt Gagnon I don't know anyone, if you call me that, again, I'm going to come over there and punch you in the face with a baseball bat. Ken Altshuler See how angry they are? That generation. I do have a portable Bluetooth keyboard. However, the problem with that is, when you use it with the MacBook Pro, you have to put it so far out, that you can't see what you're typing because it's so far away. Matt Gagnon Nobody knows what you mean Craig Peterson You need to go to the dollar store and get a different pair of glasses. That will work for you. I have three different pairs of reading glasses, three different strengths, depending on how far away my screen is away. And so on might be all you have to do is you need a prescription. Thank God I don't need a glasses prescription. I need reading glasses. I have like one and a half, one and three quarters and twos. Sometimes I have to put two or three pair at the same time. If I need to read, the faintly printed model number on the back of a Mac. Ken Altshuler I take a picture of it and then enlarge it, to read those. Craig Peterson I've got a magnifying app. Matt, you can go away for a while. Ken Altshuler What's the name? Because I could use one. Craig Peterson I don't remember. I type in magnifier, and then it comes right up. But It's fantastic. It just it goes into super zoom mode and makes it easy to see. But you know that the high tech problems we have Apple are now kind of admitted they have a problem with a keyboard but not totally. But try some different reading glasses. That's what I do. Ken Altshuler I have to get the keys fixed. I've got an appointment at the Genius Bar tomorrow. The heart of geniuses I must say, and speaking of geniuses, why are murderers and rapists upset at technology, prey tell? Craig Peterson Yeah. What do you know about the Golden State Killer? You guys everybody's pretty much familiar with the this is the case of out in California. In California, where they had several murders, this was decades ago. They were never able to solve them. Then what the police did is that they went online, as many of us have done, to one of these DNA testing companies. I've done it, and my family's done it. Well, what happened is that when people have done it. In many cases they have shared their DNA information to find family members. And frankly, that's kind of cool. Sometimes, you'll find second, third, fourth, fifth cousins. Anyway, they go into these public databases, and the terms of views allow anyone to go in and search and try and find family members. Well, in the case of the Golden State killer, they found that it was an ex-cop responsible for the killings. At least, I think that that's might still be an allegation. I don't know, if he's actually been convicted, yet. Well, now we're seeing the same thing happening in another case. But in this case, both parties have conceded that okay, you're, you're obtaining of the evidence was legal. But Ken, this is a really, interesting question because the police used one of these public databases of DNA that people are using to share to find other family members. From that public DNA database that gave them a clue as to where to look. When they started looking more closely at this family because the DNA indicated that it was someone within you know, a few relatives of the suspect and narrowed it down to this one guy. They were able to get, I think it was like like a coffee cup or something, that was discarded by the guy at the crime scene. They pulled the DNA off of that and found it to be an exact match from you know, DNA is never like 100 hundred percent, but consider, yeah, an exact match. And so now they pulled him into court. It's a real, exciting case with unique problems, as you know, from the Legal side. How far does it go? Both sides conceded that, okay, that they legally obtained the initial DNA information, so there will be no challenge in court on that point. However, here's another side of this as well, that is the online website that the police used has since hanged their terms of service. Now they are no longer allowing police to do searches for DNA matches. Ken Altshuler Why? It makes no sense. Craig Peterson They're afraid that people are not going to put their DNA up or do searches any longer, for fear that the police might get involved or their DNA might get used for solving a crime. I agree with you. I don't know why you wouldn't, but, but that's why. It is one of the most significant sites out there for this public sharing of DNA information. They changed the terms of use two days after the police, apparently used it to find this guy. That brings up an interesting question. And I agree with you can I don't know what Matt saying, but you know, why would they do that? But should there? Should there be a law? Reminds me of something my dad always used to say. "there ought to be a law against that," or for that, or whatever. It will put a little bit of a kink into some of these police investigations. Matt Gagnon All right, Craig Peterson, our tech guru. He joins us now as he always does at this time on Wednesdays, Craig, the other day, I was signing my son up for soccer, whatever, and I couldn't for the life of me remember the login thing that I had created last year for the site. Like the week before that I had to log into something else that I hadn't logged into in a year. It happens to me pretty frequently. I just had to change my stupid password on this dumb computer. I have about thousand 1000 logins that I need, you know, in my head at any given time, and they are continually making me change my passwords and everything else. I can never keep it all straight. Is someone going to save me? Craig Peterson No. You're doomed? Matt Gagnon Oh, no, that's not the right answer. Craig Peterson Well, you already know about Facebook? Are you've seen sites that say to click here to login, with Facebook. And you've seen websites that do the same thing with Google, you know, use your Google login. There's a few of those out there. I have used them once or twice to see how they worked. I don't personally use those. Well, now Apple has come out with their login. It's a multiple login service, and you know by now that I like almost everything Apple is doing nowadays. They are trying to show "Hey, listen, we're going to keep your data safe, we're not going to keep it, we're not going to share it because we don't have it." "We're going to keep that information other than enough information that's required to get you logged in." I think that the fascinating thing about this is that with this multiple logins, single sign-on thing, that Apple's come up with, oh, btw, it's not quite available yet, but it will be. Apple has deals in place with almost everybody. It is going to be very big. Their concept is better than some of the others. Google has come out and said, "Hey, listen, we don't keep that information, either." Well, this is a company that used to say don't be evil, right, Google said. Google came up with a tacit recommendation for the Apple sign-in service saying, "Hey, listen, this is a read going to be a very, good thing for the internet although we don't share our information." They think this is going to be better, much better than normal logins. Not only do people forget them, and of course, many people misuse it them by using the same password, the same email on multiple systems. It's a bit of a problem. I think that you know if I was going to use one, once the Apple ones when it comes out, that's what I'd use. Under no circumstances would I trust Facebook at all with my data. I never use the Facebook Single Sign-On, on other sites. I don't use the Google Sign on, because frankly, they're trying to collect all of the data they can in the world and I don't trust them. The bottom line with Apple, If I am going to trust somebody at this point. They're the guys I trust, today. Ken Altshuler We're talking to Craig Peterson, our tech guru, who joins us every Wednesday at 738. You know, the people on our radio station makes us take a security test all the time. Now, are all the CEOs and business owners that conscientious? Matt Gagnon Are we way ahead of the curve? Ken Altshuler Well said. Craig Peterson Matt, Is that true? Or are they just giving Ken the test? Matt Gagnon Sadly, Craig, I have to report that they give it to me as well. Craig Peterson Well, I'm glad to hear that. The techniques and bad guys are using keep changing, and frankly, we have got to keep our employees up to date. Matt Gagnon Okay, that's fair enough, Craig. But there's a man in a gorilla suit in the video. Craig Peterson Really? Matt Gagnon And I can pass the quiz without watching the videos. Craig Peterson Or in a Bunny Suit, one of the two, right? Yeah, you know, we got to get back to the brass tacks of security and making sure employees are up to date at that is a good start. You don't want to overburden them by continually doing some of these pieces of training. I've seen a lot of them. We signed up for a company that provided us with training videos that we could provide your customers. I watched them and about pulled my hair out and stabbed by eyeballs out. They were so bad. We stopped using them. Now we send out a little notification email. Okay, guys watch out for this with a couple of samples, and maybe once in a while a short one to two-minute video explaining it. However, we need to get back to the brass tacks, everybody. That's the bottom line. And that means, the password stuff. Now we've got the NSA doing though this is the first time, it is unprecedented. Ken and I and may Matt, I think you're old enough to remember that the NSA used to stand for no such agency because the federal government denied it even existed. Well, now it's gotten to the point where the NSA has a warning out right now about cyber attacks. They are warning that this could be the worst ever worldwide computer shutdown. It's just incredible. It is all about BlueKeep and some other stuff. Why could this be the worst ever? Remember, two years ago, almost now, we had the shutdown to hundreds of thousands of computers around the world because of an attack - WannaCry and Petya/NotPetya. At the time it was worst ever. It all happened because we were not covering the underlying security best practices. We're not doing the brass tacks of security. We're not making sure we've patched our systems. We're not making sure we're following the right schedules. I have yet to go into a company and find that they've got their basics in order. I don't blame them for having you guys take these little tests. I think it's frankly, generally speaking, an excellent idea. Matt Gagnon All right, Craig Peterson, our tech guru, joins us this time every Wednesday. Craig, we appreciate it. As always, thank you so much. We will talk to you again next week, sir. Craig Peterson Take care, guys. Bye. Ken Altshuler Thanks a lot. Alright. So we're going to take a quick break. Craig Peterson Hey, everybody, have a great day. I'll be back Of course, with my weekend radio show, heard in the Northeast and throughout the Northeast. In fact, and it'll be a whole lot of fun. Of course, we will be talking about all the newest tech news out there. As we readily quickly heard, we are working on getting ready for our big summer of security coming up. We're going to do it. Need information, email me at Craig Peterson dot com. Have a great day, everybody. Talk to you later. Bye-bye. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553  

The single sign-on experience from Google and Apple could solve our password crisis. Jefferson Graham explains.

In episode #201 we talk about Single Sign On with SAML and oAuth.  www.talkingdrupal.com/201 Topics What is Single Sign On? Single Sign On Protocols Single Sign On Terminology Recommended drupal modules SAML vs. OAuth SSO Brokers Issues with SSO Modules OAuth2 Client SAML Authentication Social API Nate’s SAML modules: Drupal 7 (Uses the OneLogin PHP Toolkit) Drupal 8 (Uses LightSAML) Resources Introducing the Quicklink Module for Drupal    Guest Host Nathan Dentzau - @NathanDentzau Hosts Stephen Cross - www.ParallaxInfoTech.com @stephencross John Picozzi - www.oomphinc.com @johnpicozzi Nic Laflin - www.nLighteneddevelopment.com @nicxvan

This podcast outlines the detail explanation of SSO - Single Sign On. We would be taking an example of GOOGLE ECOSYSTEM. --- Send in a voice message: https://anchor.fm/gouravnayyar/message

The mainstream will never adopt blockchain-powered decentralized apps (dApps) if it's a struggle to log in. They're either forced to manage complex security keys themselves, or rely on a clunky wallet-equipped browser like MetaMask. What users need is for signing in to blockchain apps to be as easy as Login With Facebook. So that's what Bitski built.

This password thing is getting out of hand. Christian Reichert, co-founder and CEO of re:solution, had enough. He simply got tired of entering his passwords over and over. And remembering all those passwords. And becoming one with the "forgot password" feature. He went to the Atlassian Marketplace and did not find a solution. So he did something about it. A created a single sign-on product for the Atlassian Suite. He came all the way from Berlin to spend that day with us at ServiceRocket to tell us all about it. While he was here, we got him into the Nice Work! studio so we could share part of our discussion with you. Learn more about Christian Reichert and re:solution: Christian's company re:Solution: http://www.resolution.de Christian on Linkedin: https://www.linkedin.com/in/christianreichert/

In this episode, Aaron Mangal and Tim Francisco of CoinStructive, caught up with Paul Puey, co-founder and CEO of Edge (formerly AirBitz), a security platform and multi-coin wallet and key management system.   Paul Puey, co-founder of Edge (formerly AirBitz) "Paul is a proud Electrical Engineering and Computer Science graduate of UC Berkeley with a wide range of technical skills from low-level 3D graphics engineering to development of custom web CMS systems, even before people knew what a CMS was. He held lead engineering positions with Nvidia and Chromatic Research, but most recently owned and operated several non-technical small businesses throughout California. There he learned the importance of the intersection of people, business, and technology. Today, Paul aims to bring Bitcoin mainstream with software and products aimed at simplifying Bitcoin and making it insanely easy to send and secure this revolutionary currency while maintaining the highest level of privacy. When not converting people to bitcoin you’ll likely find him climbing a rock in Joshua Tree or at a local climbing gym." The unique selling proposition is Edge allows users to manage multiple wallets for multiple assets securely under a single sign-on (SSO) login (just like using Facebook or Google to sign up for a site). Edge's philosophy is "security is our foundation, not a feature" as demonstrated by their client-side encryption which means data is encrypted from the device itself and before it ever touches Edge servers.  Cryptocurrencies currently available on Edge We had a great time learning more about Paul's origin story, the creator of Edge (formerly AirBitz) and the vision of how to bridge Cryptocurrency use into the mainstream world. After listening to this episode you will learn: Paul's beginnings in Silicon Valley at Nvidia working on Graphics Processor Units (GPUs) How Paul got out of balance with work which was a catalyst for shifting his health in a more positive direction The origin story of AirBitz and how it evolved into Edge as a rebrand Why we should stop trying to make security perfect and instead analyze the trade-offs How users get the benefit of security like SSL but for everyday Cryptocurrency usage Why Paul believes in usability and utility as much (if not moreso) than just ideology About the threat of centralized custodians and how counterparty risk and cold storage reduce usability How the architecture of centralized entities slow down transactions due to the lack of funds available in hot wallets How Edge saw the opportunity to open up its security architecture to other dApps (like Augur) Edge and why its the first use case of the Edge platform itself which can be used in many other What the Edge's of the network are and how the data generated there is secured How the communities of various cryptocurencies helped Edge integrate their tokens  For show notes and more please visit: LAB Radio

Hello, welcome to The New Stack Context, a podcast where we review the week's hottest news in cloud-native technologies/ at-scale application development and look ahead to topics we expect will gain more attention in coming weeks. This week, we're joined by Joel Speed, a DevOps engineer at Pusher who is working to build their internal Kubernetes Platform. Speed has been writing a series of articles for The New Stack recently about how Kubernetes handles authentication and how to create a single sign-on experience for Kubernetes users.  The team at Pusher has developed its own in-house single sign-on solution for their Kubernetes users that also offers more fine-grained access control. Speed spoke to us about the SSO set up at Pusher and how it came about. We also spoke to TNS founder Alex Williams about The Linux Foundation's Open Source Leadership Summit, which Williams attended a few weeks back. He recorded several interviews at the event, which we've been publishing this week on our other podcasts, TNS Analysts and TNS Makers. TNS Editorial Director Libby Clark hosted this episode, along with TNS Managing Editor Joab Jackson.

RIS18: Single Sign-On und Passwortspeicherung

Single-Sign-on-Lösungen sind mittlerweile weit verbreitet, denn sie bieten dem Nutzer Komfort. Aber was steckt technisch dahinter? Und welche weiteren Vorteile bietet SSO? Darüber sprechen wir in dieser Episode.

  Social media gives public agencies the opportunity to go where the people are - at times and on platforms of their choosing.  Most government agencies have established a presence on the major platforms and experiment with others.  In Dallas, the city is combining the reach of social media with the security of single sign-on to welcome online residents home to suite of services that "know" them and increase the likelihood that the resulting service offerings will be relevant and convenient - and easy to use. The synergies between social and synergy then provide a city-controlled platform for serving - and marketing to - residents.  It bypasses the need to be everywhere on social media to reach every subgroup. Instead, it produces mass customization - a marketer's dream Justin Snasel (@JSnasel) is just such a marketer.  Recruited from the private sector, Snasel serves as the  PIO and Manager of Communication Strategy for the City of Dallas In this episode, Snasel discusses what the city has been able to do on that platform. He is unapologetic about the reality of marketing as the core of social media in government, as it is elsewhere.  Plus we unmask Eco-man, an alter ego created while in Arlington, TX on a shoestring and who went viral. Plus reflections on the the peaceful transition of @POTUS.    

In this episode of MashTalk, Lance, Pete and Christina do a deep dive on WWDC and everything Apple announced. They start off offering their take on the keynote (0:30) and the tenor of Apple announcements. First up is iOS 10 (8:30) and the impact the new changes coming to Messages on the platform. We spend a lot of time on Messages before moving into a discussion on differential privacy (21:25) and whether that can ever offer as good of a predictive experience as services that track you more (Google, Facebook). We shift on to talk about the new Home app (29:42) and whether Apple can really make HomeKit a thing. Pete goes on a fun tirade about his propane tank. We have a brief discussion about how you can "delete" pre-installed apps (35:15), Apple Music (37:00). We shift into the renamed macOS (38:12) and Siri coming to Mac. We round out the discussion to talk about the new look on watchOS 3 (44:35) and the changes coming to its Health and Activity apps. Finally, we finish off with tvOS (49:15) and the fact that Single Sign-on is coming to Apple TV.

This week on the Life in the Mobile Enterprise (LiME) podcast, Chris Hazelton interviews Magnus Mjøsund, Product Manager at Apperian, on identity management. From everyday consumer usage, to controlling data access in highly regulated corporate or government environments, tune in to learn how identity and access management can and should be applied to your mobile deployments.

Implement stronger data security has spurred a rise in adopting single sign-on (SSO) technology in healthcare. Healthcare Technology Podcast Brought to You by RightPatient.com

  Brian and Dan attempt to change the current technology discussion from what’s the best technology solutions available to, what technology is my company using today and what solutions best fit in my company culture.  The goal for businesses embracing technology must be around implementing the best tools and solutions to empower our employees to be most productive when solving business problems.     Brian explains his background and experiences as a technology evangelist and why he believes the focus on culture and people training and change focused him to changed his focus to teaching change more so than teaching the technology.   Culture, Processes and People often overlooked as a major factor in what technology and tools would be the best fit for a company.     Daniel discusses the mistakes many make when focusing only on the popular technology or software rather than diving in and truly understanding what’s the best solution for the business.     Using technology to match step by step offline procedures is often a problem that doesn’t allow technology to increase productivity and scale rather just doing things offline online.     Honest monday morning quarterbacking failed technology solutions reveals the root of a solutions failure which is often the software selected was wrong or the company culture wasn’t designed to leverage that solution.   Stop blaming the technology or tool for failing before you identify how the tool was trained, implemented and designed and if it would have ever been successful within the company culture.   Fear of missing out (F.O.M.O.) is something that scares many brands and yet overly excites others that causes mistakes in both cases.  Brian explains why brands should let influencers or analysts like himself to test and embrace FOMO so that a brand can make the best decision.   Brian’s approach to technology is different than Daniels but they discuss why in their business it’s the perfect fit and both roles are required.     Discussion about technology like Meerkat & Periscope on how brands are adopting it and comparing it to change in software such as Microsoft Office to Google Docs and how not every brand or company can adopt all of these solutions equally.     Broadsuite Media Group leverages @SlackHQ software, Daniel and Brian explain why and how they implemented this collaboration software and it’s increased productivity and collaboration.     Other Takeaways:   Technology is never an all or nothing solution. Understanding business needs and workflow is required to truly embrace and implement new technologies. Do brands or companies truly understand the features and benefits of new technologies today? Understanding what the best solution for a business problem is often times a solution that isn’t allowed or enabled within businesses today.   Would adoption of Google Docs been hurt or limited if the requirement was every person must have a google+ account vs having a gmail email account.  Understanding the value proposition and how to best tap into existing workflows is often what makes tools like Google Docs successful.   What’s the role of “Open API’s & API Friendly Software” Why don’t all companies embrace Single Sign-on like Buffer & Meerkat that leverages Twitter sign-on for all users, eliminating the need for new accounts and/or passwords. Why don’t companies today ask employees or internal haters for feedback on what technology and tools they would like to leverage? Why is it acceptable for companies to settle for products and technology that are poorly designed because it’s an internal tool not customer facing? Are companies finally looking at features available with cloud and new technology solutions and weighing them against the legacy software that they already purchased and don’t want to throw away because the money was already spent. What are companies willing to give up to embrace new technology and tools? What does the future of dynamic or automated data integration into productivity and collaboration tools we’re leveraging today?   Companies that have strong cultures, empower their employees to leverage the technology that allows them to best solve the business needs while investing in training and procedures to eliminate risk and better embrace change!   This episode is sponsored by IBM to help companies envision a #NewWayToWork. IBM Verse, their new revolutionary social & email solution, you can free up time for you to focus on this by calming your email. Sign Up Today at: IBM.com/Verse As always we are grateful to be able to share our insights and views with you the listener, and welcome feedback, suggestions and open conversation at all times using the hashtag#SMACtalk.

Password management continues to be a challenge for all organizations - large and small. Poor management leads to insecure passwords and inconsistent policies – and these lead to more data breaches. For this special podcast, Patrick Botz joins us to talk about Single Sign On on the IBM i and how it can be used to easily and securely manage user accounts and passwords.

Active Directory enabled generations of developers to focus on their business applications features rather than worrying about identity management. Windows Azure Active Directory is Active Directory reimagined for the cloud, designed to solve for you the new identity and access challenges that come with the shift to a cloud-centric, multitenant world. Come to this session to learn how to take advantage of Windows Azure Active Directory in your application. If you already have an investment in Active Directory and Visual Studio, you’ll discover that Windows Azure AD is a way of extracting even more value from your investment. If your solution runs on different platforms, you’ll appreciate how easily you can integrate with Windows Azure AD via open standard such as the SAML protocol and the REST based Graph API.

Nachdem wir die Einrichtung von Single Sign On (SSO) dokumentier haben, zeigen wir Ihnen in diesem Videocast SSO in der Praxis. Viel Spaß

SF MusicTech Summit 5/9/11 San Francisco, CA www.sfmusictech.com Panel Discussion: "Backplane Single Sign On" Lee Hammond - Universal Music Group Matthew Barkoff - Badgeville Vidya Shivkumar - Janrain Chris Saad - Echo Moderator:Mike McGuire - Gartner Research

Wenn Sie Musterdepot-Nutzer sind und wissen moechten, wie Sie ohne erneute Anmeldung aus dem Online-Banking direkt in das Musterdepot wechseln koennen, dann erfahren Sie in diesem Quicktipp wie das funktioniert.

New post by Boagworld

This second of three episodes builds upon the first by describe what Novell is doing with SecureLogin 7 and how it addresses your customers pains/challenges. Baber Amin is again invited back to explain this with Justin Taylor.

The enterprise single sign-on (ESSO) market is a great way for you our sales professionals to achieve your quota. In this first of three interviews with Baber Amin, Sr. Product Manager with Novell, Justin Taylor discusses the market and the pain that customers are experiencing.

In the final episode of this series listen as Justin Taylor and Baber Amin discuss how to sell / position SecureLogin 7, and it’s current version, to a customer. Listen and also learn who Novell competes with in the space and how Novell is different. Also, a nifty suggestion from Justin and Baber and how […]

Tired of tracking your username and password across 169 Web 2.0 websites that you have registered with? Thinking of adding SSO to your webapp? Pen-testing a Web 2.0 app? Then come and learn about OpenID - a new decentralized Single Sign-On system for the web. OpenID is increasingly gaining adoption amongst large sites, with organizations like AOL acting as a provider. In addition, integrated OpenID support has been made a mandatory priority in Firefox 3 and Microsoft is working on implementing OpenID 2.0 in Windows Vista. As OpenID adoption increases pace, the security of the protocol becomes of increasing importance. This talk introduces OpenID, takes you through its demo and discusses the security of the underlying protocol. The talk will also introduce known attacks against OpenID such as phishing and some of the possible work arounds.

Tired of tracking your username and password across 169 Web 2.0 websites that you have registered with? Thinking of adding SSO to your webapp? Pen-testing a Web 2.0 app? Then come and learn about OpenID - a new decentralized Single Sign-On system for the web. OpenID is increasingly gaining adoption amongst large sites, with organizations like AOL acting as a provider. In addition, integrated OpenID support has been made a mandatory priority in Firefox 3 and Microsoft is working on implementing OpenID 2.0 in Windows Vista. As OpenID adoption increases pace, the security of the protocol becomes of increasing importance. This talk introduces OpenID, takes you through its demo and discusses the security of the underlying protocol. The talk will also introduce known attacks against OpenID such as phishing and some of the possible work arounds.