Cyberweekly #219 - When is a credential not a credential?
cyberweekly.substack.com
In the move to zero-trust, the concept of credentials to authenticate users comes up a lot. We tend to think of a credential as the thing that the user uses to confirm to the computer who they are. This is typically a username and a password, but we can add a second factor such as a notification on a phone, but we can also use something like as a cryptographic key held in a secure enclave unlocked by biometrics (such as Windows Hello, FaceId or TouchId).
Cyberweekly #219 - When is a credential not a credential?
Cyberweekly #219 - When is a credential not a…
Cyberweekly #219 - When is a credential not a credential?
In the move to zero-trust, the concept of credentials to authenticate users comes up a lot. We tend to think of a credential as the thing that the user uses to confirm to the computer who they are. This is typically a username and a password, but we can add a second factor such as a notification on a phone, but we can also use something like as a cryptographic key held in a secure enclave unlocked by biometrics (such as Windows Hello, FaceId or TouchId).