Discover and read the best of Twitter Threads about #passwordless

Most recents (6)

I think at large people are missing the significance of a #web3 #wallet beyond just #hodling your favourite #Crypto #Cryptocurency token.

Maybe the same way they effortlessly think about using the #chrome browser.

They are both portals for the #WWW and #Web3 respectively
There are new functionalities being added to #web3 wallets to exist as wallets to hold your #credentials for zero knowledge #authentication.

This wallet market is going to be worth a whopper of a predicted $7 trillion market by 2027 alone.
One of the most significant comments on this movement is from the creation of the open source Open Wallet Foundation via Linux, which has been noted as potentially more significant than #Linux itself!!!!!

#owf

With members such as #ToIP and #Avast (#Gen)
Read 7 tweets
Stop using per-user MFA for #AzureAD MFA. "Don't enable or enforce per-user Azure AD Multi-Factor Authentication if you use Conditional Access policies." learn.microsoft.com/en-us/azure/ac…
If you are still using per-user MFA, and can deploy conditional access policies, deploy the template to require MFA for all users and disable per user MFA. Conversion script here learn.microsoft.com/en-us/azure/ac… (we need to update this to use MS Graph SDK PowerShell and not MSOL) @merill
If you are using a free tenant or you have not enabled conditional access you have enabled the tenant security defaults right? You should go check your tenant right now if you don't know. learn.microsoft.com/en-us/microsof…
Read 10 tweets
Just a reminder when focusing on #security for your #office365 and #azuread tenants one of the key attack vectors comes from your on-premises environment. If you have not read and implemented the guidance in aka.ms/protectm365 you should & read this thread. 1/7 #identity
"Federated trust relationships, such as Security Assertions Markup Language (SAML) authentication,are used to authenticate to Microsoft 365 through your on-premises identity infrastructure.Ifa SAML token-signing certificate is compromised, federation allows anyone who has.."2/7
certificate to impersonate any user in your cloud.

We recommend that you disable federation trust relationships for authentication to Microsoft 365 when possible."
3/7
Read 14 tweets
MUST KNOW Social Media Safety Tips for all

#cybersecurity #privacy #SecurityAwareness

🧵
Don't share too much Personally Identifiable Information(PII).

Hackers tend to make customized profiles for their victims so that they can perform social engineering attacks on them. It can also lead to identity theft. Think twice before sharing anything online.
Use a strong password/passphrase for all your accounts. This should not contain any words from the dictionary and should not be linked to your personal information. It is highly recommended to use a good password manager like @Bitwarden. Going #passwordless is even better.
Read 16 tweets
It’s #WorldPasswordDay – but instead of tips to improve #password use, let’s talk about the future of #passwordless… 🧵👇
We published our vision for a #passwordless future with multi-device FIDO credentials (also referred to by some as “#passkeys”) in March 🧵… fidoalliance.org/charting-an-ac…
Today, we are excited to share that @Apple @Google @Microsoft are aligned with this vision and will be implementing multi-device FIDO credentials over the course of the coming year! 🧵…
​​fidoalliance.org/world-password…
Read 6 tweets
1/ Did you know that even if you always use FIDO security keys or an authenticator app to login, an attacker can still target the password you forgot you had? Reasons why you might choose to delete your
password (a thread)
2/ Transparency: I am an identity geek at Microsoft and we now support password deletion for our consumer accounts: microsoft.com/security/blog/…. This is my attempt to outline *why* this kind of feature is important, here we go…
3/ #Cyberattacks like password spray and #CredentialStuffing can still be successful for attackers if you previously set your password to something predictable or reused the password at other sites. Deletion takes guessing and replay out of the attacker toolbox for your account.
Read 17 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!