U2F Authentication with F5 APM and Duo Security

I've been working on Universal 2nd Factor (U2F) authentication today and it's a very interesting concept.  There is no requirement to enter a 6-digit code for 2nd factor authentication.  The website I'm logging into detects my Yubikey and the key button flashes a blue light.  Press the button and you're automatically authenticated. I've configured it with some of the … Continue reading U2F Authentication with F5 APM and Duo Security

The Burden of Federated Authentication

If you’ve ever had the pleasure to hear me rant on web access management then you know I like to stress the difference between authentication and authorization.  Authentication is the process of verifying a user’s identity while authorization is the process of determining the level of access the user possesses for any given application and/or … Continue reading The Burden of Federated Authentication