For #CyberSecurityAwarenessMonth, I'd like to start with a basic assumption we often seem to overlook:

If you don't need the data, don't keep it. Or put another way: you can't lose what you don't have.

Cheap (virtually unlimited) storage encourages us all (people and organizations) to keep lots of sensitive data we don't need - and there are plenty of examples of that coming back to bite people in sensitive places.

For #CyberSecurityAwarenessMonth, let's talk about the relatively new concept of the #Passkey as an authentication method.

A passkey is a modern replacement for a password that solves for key issues with passwords:

  • You don't have to make up a password for a site or service that utilizes passkeys
  • You don't then have to remember those passwords either

Domain experts feel that this solution is more secure than passwords for the simple reason that people don't generally create good passwords, and passkeys are proving (thus far) to be harder for phishing and some other malicious credential-stealing attacks to succeed against.

You'll have to configure the use of passkeys for every website/service/app that you will use them on, but the benefits seem to be real, simplifying login and improving security.

The FIDO Alliance (https://fidoalliance.org) has proposed the logo below for use on sites that accept passkey access.

FIDO Alliance

FIDO Alliance is focused on providing open and free authentication standards to help reduce the world’s reliance on passwords, using UAF, U2F and FIDO2.
