• Blog
  • Talks and Presentations
  • Whitepapers and more
  • In The News
  • About Talking Identity
  • About Me

Invisible Identity, or How to Delight People & Secure Users

  • Posted on:December 15, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

So I waited patiently for the folks at the Cloud Identity Summit to publish on their Youtube channel the talk I gave earlier this year on Invisible Identity. But it never came. Turns out that a few session recordings got messed up, and unfortunately mine was among them. I sense Paul Madsen’s hand in this….

Read More
Tags: CISCISNOLACloud Identity SummitIdentity-Based-SecurityInvisible IdentityUsabilityUsable Security

Doing 2FA Better Could Mean Using Social Factors

  • Posted on:October 18, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

In my last post regarding weaknesses in how 2FA is implemented in the systems we rely on to secure us, I teased a thought that had occurred to me in going through the analysis I presented in the post. As usual, life intervened to distract me, but this recent post by Coinbase sharing their experience of…

Read More
Tags: 2FAAuthentication ServicesIdentity ContextIdentity-Based-SecuritySocial GraphSocial IdentitiesTwo Factor AuthenticationUsable Security

Doing 2FA Correctly Requires More Than 2 Factors

  • Posted on:August 4, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

Two Factor Authentication (or 2FA) has been in the news a lot recently. There was the kerfuffle over NIST putting into their update of 800-63 that SMS-based 2FA is insufficiently secure and should be deprecated (something most security experts agree on). That update (still in draft) came too late for the Social Security Administration (SSA),…

Read More
Tags: 2FAAdaptive Risk ManagerAuthentication ServicesIdentity ContextIdentity-Based-SecurityMulti-Factor AuthenticationTwo Factor AuthenticationUsable Security

Privacy in the World of Invisible Identity

  • Posted on:June 14, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

In part 1 of my blog post expanding on my Cloud Identity Summit talk on Invisible Identity, I proposed ‘The 4 Core Principles of Invisible Identity‘ that ensure that security and usability stay in a symbiotic partnership for an organization. I believe that adopting the concept of Invisible Identity will be vital to securing people in the…

Read More
Tags: CISCISNOLACloud Identity SummitIdentity-Based-SecurityInvisible IdentityPlums For PrivacyPrivacyPrivacy By DesignUsable Security

Epic Hacking Redux: The Hacking of DeRay and Our (Continued) Identity Challenge

  • Posted on:June 10, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

Almost 4 years ago I wrote a post titled ‘The Epic Hacking of Mat Honan and Our Identity Challenge‘. In it I examined how hackers exploited the ways in which our online accounts are daisy chained together through poor password recovery and KBA based systems to systematically take over Mat Honan’s digital life. 4 years later, much has changed…

Read More
Tags: Continuous AuthenticationHack AttackIdentity VerificationInvisible IdentityOne Time PasswordPassword Recovery Techniques

The 4 Core Principles of Invisible Identity

  • Posted on:June 7, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

The Cloud Identity Summit is underway here in New Orleans, and it’s off to a great start. The organizers have done a wonderful job again, and with so much great content, the hardest thing is choosing which of the many interesting talks to go to. My talk is already done (it’s oddly liberating to not…

Read More
Tags: CISCISNOLACloud Identity SummitIdentity-Based-SecurityInvisible IdentityUsabilityUsable Security

Identity at the Nexus of Security and Usability

  • Posted on:June 2, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

If you’ve followed my last few blog posts, you may have noticed the topic of usability in security pop up quite a bit. I’ve said in the past that usability issues in security should be considered vulnerabilities, because they create attack vectors in the form of user errors, exploits and workarounds. The idea was captured in this slide I presented…

Read More
Tags: CISCISNOLACloud Identity SummitIdentity-Based-SecurityInvisible IdentityUsabilityUsable Security

How Not To Enhance Your Customers Security

  • Posted on:February 26, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
0

RSA Conference is a little too big to be manageable any more. But a quick glance at the companies showing up at the 2016 edition and at the session topics is always a good indicator of current trends. And so it is with a mix of interest and disappointment that I take in the (long) list…

Read More
Tags: Knowledge-Based AuthenticationPasswords Must DieRSA ConferenceRSACSecurity Questions

That Time Enabling Two-Factor Authentication Made Me Feel Worse

  • Posted on:February 12, 2016
  • Posted in:Insight IdM
  • Posted by:Nishant Kaushik
2

I’ve been an account holder at a fairly prominent online brokerage for a while now. Been using it without hiccup for years. The movement in the stock market early in the year prompted me to log in to check on a few things (I know, I know. I swear I’m not that guy). While there, I decided…

Read More
Tags: Identity VerificationKnowledge-Based AuthenticationMulti-Factor AuthenticationPassword Recovery TechniquesPasswords Must DieUsabilityUsable Security

Recent Posts

Securing Our Biometrics-Based Future
The last few years have seen an uptick in efforts to use biometr...
My Next Gig: Delivering the Identity-Defined Perimeter with Uniken
Back in 2013, I opened my 'Hitchhikers Guide to Identity' talk w...
Invisible Identity, or How to Delight People & Secure Users
So I waited patiently for the folks at the Cloud Identity Summit...
Doing 2FA Better Could Mean Using Social Factors
In my last post regarding weaknesses in how 2FA is implemented i...
Doing 2FA Correctly Requires More Than 2 Factors
Two Factor Authentication (or 2FA) has been in the news a lo...

Recent Comments

Talking Identity | Nishant Kaushik's Look at the World of Identity ManagementHow Not To Enhance Your Customers Security - Talking Identity | Nishant Kaushik's Look at the World of Identity Management on
The Epic Hacking of Mat Honan and Our Identity Challenge
112 weeks ago

Talking Identity | Nishant Kaushik's Look at the World of Identity ManagementHow Not To Enhance Your Customers Security - Talking Identity | Nishant Kaushik's Look at the World of Identity Management on
#FAIL No More: The Rise of the Self Defending Enterprise
112 weeks ago

NishantKaushik on
That Time Enabling Two-Factor Authentication Made Me Feel Worse
114 weeks ago

Gabor Szathmari on
That Time Enabling Two-Factor Authentication Made Me Feel Worse
114 weeks ago

UK Access Management Focus · Reputation is everything on
The new Identity Equation
128 weeks ago

What I’m Blogging About

Connect

Twitter Follow @NishantK

LinkedIn Connect on LinkedIn

Vimeo View Nishant's Talks

About Me nishantkaushik.com

Categories

  • Ask Dr. K (12)
  • Identity Services (36)
  • Identropy IDaaS (4)
  • Insight IdM (149)
  • Oracle Identity Management (61)
  • Personal Identity Management (33)
  • The Cloud Identity Series (24)
  • Tips & Techniques (4)
  • User-Centric Identity (24)

Archives

  • ► 2018 (1)
    • January 2018 (1)
  • ► 2017 (1)
    • April 2017 (1)
  • ► 2016 (9)
    • December 2016 (1)
    • October 2016 (1)
    • August 2016 (1)
    • June 2016 (4)
    • February 2016 (2)
  • ► 2015 (5)
    • November 2015 (1)
    • June 2015 (2)
    • April 2015 (1)
    • February 2015 (1)
  • ► 2014 (8)
    • October 2014 (1)
    • September 2014 (2)
    • August 2014 (1)
    • July 2014 (1)
    • June 2014 (1)
    • February 2014 (2)
  • ► 2013 (12)
    • December 2013 (1)
    • August 2013 (2)
    • July 2013 (5)
    • June 2013 (1)
    • April 2013 (1)
    • February 2013 (1)
    • January 2013 (1)
  • ► 2012 (13)
    • November 2012 (2)
    • August 2012 (3)
    • July 2012 (2)
    • June 2012 (2)
    • May 2012 (1)
    • February 2012 (3)
  • ► 2011 (29)
    • December 2011 (1)
    • November 2011 (1)
    • October 2011 (1)
    • September 2011 (2)
    • August 2011 (3)
    • July 2011 (4)
    • June 2011 (5)
    • May 2011 (3)
    • April 2011 (4)
    • February 2011 (2)
    • January 2011 (3)
  • ► 2010 (33)
    • December 2010 (1)
    • October 2010 (1)
    • September 2010 (4)
    • August 2010 (5)
    • July 2010 (6)
    • June 2010 (4)
    • May 2010 (3)
    • April 2010 (2)
    • March 2010 (3)
    • February 2010 (2)
    • January 2010 (2)
  • ► 2009 (24)
    • December 2009 (1)
    • November 2009 (1)
    • October 2009 (3)
    • September 2009 (3)
    • August 2009 (4)
    • July 2009 (2)
    • June 2009 (2)
    • May 2009 (3)
    • April 2009 (1)
    • February 2009 (2)
    • January 2009 (2)
  • ► 2008 (44)
    • December 2008 (1)
    • October 2008 (4)
    • September 2008 (4)
    • August 2008 (8)
    • July 2008 (11)
    • June 2008 (4)
    • May 2008 (2)
    • April 2008 (2)
    • March 2008 (3)
    • February 2008 (3)
    • January 2008 (2)
  • ► 2007 (56)
    • December 2007 (3)
    • November 2007 (5)
    • October 2007 (6)
    • September 2007 (5)
    • August 2007 (8)
    • July 2007 (5)
    • June 2007 (9)
    • May 2007 (3)
    • April 2007 (2)
    • March 2007 (5)
    • February 2007 (5)
  • ► 2006 (33)
    • December 2006 (4)
    • November 2006 (2)
    • October 2006 (6)
    • September 2006 (1)
    • August 2006 (2)
    • July 2006 (3)
    • June 2006 (5)
    • May 2006 (3)
    • April 2006 (2)
    • March 2006 (5)

Disclaimer

Talking Identity is my exploration of the world of Identity Management. The views expressed on this blog are my own and do not necessarily reflect the views of my employer (doesn't mean I'm not trying hard to mold them in my own image).

Copyright © 2005-2013 Nishant Kaushik. All Rights Reserved.