Presentation is loading. Please wait.

Presentation is loading. Please wait.

Passwords are Dead (or how I learned to love my phone)

Published byQuentin Peter Robbins Modified over 9 years ago

Similar presentations

Presentation on theme: "Passwords are Dead (or how I learned to love my phone)"— Presentation transcript:

1 Passwords are Dead (or how I learned to love my phone)

2 What got us here? Breaches, breaches breaches Account & password sharing Tension between strong password policies and user acceptance Time it takes to crack a password

3 Source: http://www.darkreading.com/perimeter/cartoon--end-user-security-prayer/d/d-id/1316122?image_number=1

4 How did we start? YearEvent Pre-2011Faculty concern about access to benefit information 2010-11Evaluation of existing technologies 2011-12Evaluation of integration with Shib 2013Pilot with Duo 2013IT rollout 2014Direct deposit phishing incident 2014-15Voluntary adoption + mandatory for some services

5 Our Approach 1.Focus on shibb’ed sites, but don’t forget other technologies (SSH, RDP, VPN) 2.Allow strength checking for multiple factors in shib 3.Build our own self-service interface 4.Provide options 5.Make it easy to recover

6 Our Approach (cont) Four-pronged rollout 1.Evangelize across campus for voluntary enrollment 2.Make mandatory for specific services (protected network) 3.Make mandatory for certain groups 4.Duke Medicine implemented a policy and mandatory enrollment by Aug 1

7 Multi-factor adoption over time

8 What’s Next? Mandatory for Duke Medicine remote access Mandatory for Duke@Work access (coming!) Solve the “thick client” problem for SAP and Peoplesoft Test how we can accept an “MFA” attribute from federation partners for shib logins.

Download ppt "Passwords are Dead (or how I learned to love my phone)"

Similar presentations

Integrated Healthcare Management system. Standards based design. [ Supports HXP (Health Exchange Protocol) a standard in exchanging health care data ]

Integrated Healthcare Management system. Standards based design. [ Supports HXP (Health Exchange Protocol) a standard in exchanging health care data ]
Dear OpenID Santa This Christmas I wish…. To Accept OpenID Please find a way to allow users to login to clients apps Messenger Phone/apps Allow them to.

Dear OpenID Santa This Christmas I wish…. To Accept OpenID Please find a way to allow users to login to clients apps Messenger Phone/apps Allow them to.
Security for Mobile Devices

Security for Mobile Devices
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
1 Overview February 2008. 2 Benefits Single information portal. Provides employees access to their personal information. Allows for real-time.

1 Overview February Benefits Single information portal. Provides employees access to their personal information. Allows for real-time.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
BEN University Network Technology Proposal. Campus Wide Policies Password polices student/faculty IT Admin accounts Administrative access Hardware Access.

BEN University Network Technology Proposal. Campus Wide Policies Password polices student/faculty IT Admin accounts Administrative access Hardware Access.
Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn.

Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn.
Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security

Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security
Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy Universal Access to Campus IT Resources Managed LAN portsFlexible.

Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy Universal Access to Campus IT Resources Managed LAN portsFlexible.
PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security

PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
The Office of Information Technology Two-Factor Authentication.

The Office of Information Technology Two-Factor Authentication.
Chapter 11: Dial-Up Connectivity in Remote Access Designs

Chapter 11: Dial-Up Connectivity in Remote Access Designs
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
ACC Online Services and Online Registration. Guess What? Telephone Registration Has Gone Away...It Is Time To Go Online! Part 1: Obtaining Your ACCeID.

ACC Online Services and Online Registration. Guess What? Telephone Registration Has Gone Away...It Is Time To Go Online! Part 1: Obtaining Your ACCeID.
Information Security Technological Security Implementation and Privacy Protection.

Information Security Technological Security Implementation and Privacy Protection.
Cloud Security Julian Lovelock VP, Product Marketing, HID Global.

Cloud Security Julian Lovelock VP, Product Marketing, HID Global.
Click here to begin HOW TO CREATE REFWORKS ACCOUNT.

Click here to begin HOW TO CREATE REFWORKS ACCOUNT.
Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

Similar presentations

Ads by Google