TOTP

Time-based one-time password: TOTP explained

Data leaks and hacker attacks mean that internet security is becoming increasingly important for users. Standard passwords based on names and dates of birth can be cracked in seconds and give criminals access to all kinds of accounts. In combination with multi-factor authentication, TOTP can provide a solution: a password which is only valid for a short time. How does this work?

DHCP Snooping

DHCP Snooping: More Security for Your Network

DHCP snooping makes a network more secure. There are no two ways about it: DHCP makes network configuration so much easier. This is especially the case in large networks, where devices are constantly changing and the manual assignment of IP addresses is a never-ending task. Yet by using DHCP to simplify the process, you do relinquish controls, and criminals can take advantage of this. By using...

What is a rootkit?

What you need to know about rootkits

If you ask the IT community which malware is the most harmful, the answer is typically not viruses, worms or Trojan horses. Experts unanimously agree that rootkits pose much greater problems even to experienced users. The rootkit’s special ability is to conceal other malware and thereby enable cybercriminals to misuse others’ computers for their own criminal activities undetected – such as for bot...

SAML

SAML: the XML framework for SSO at a glance

Simplifying log-in processes makes websites more user friendly, and also helps to increase the security of user data. One of the most popular solutions for implementing authentication processes is SAML (security assertion markup language). Through a variety of components such as special protocols and message formats, this XML-based framework helps to implement internal and cross-company log-on...

Man-in-the-middle attack: an overview of attack patterns

Man-in-the-middle attack: attack patterns and countermeasures

A man-in-the-middle attack is a deceitful espionage attack which aims to listen, record, or manipulate sensitive data being sent between unsuspecting internet users. To do this, hackers rely on methods that enable them to position themselves, unnoticed, between two or more computers communicating with one another. We introduce you to some well-known attack patterns and countermeasures that can be...

Protect sensitive data with a strong password

Optimal password protection: how to choose a strong password

It only takes a few seconds for a hacker to gain access to your private data without you having any idea. More often than not, a password is the only means of protection when logging into online services; and if it is too obvious, it will not prove too much of a challenge for criminals to crack. There are numerous options to increase password security.

OAuth

OAuth & OAuth 2: data usage across platforms

The “pathway to hell” – this is how Eran Hammer-Lahav once called the security protocol OAuth 2.0, on which he himself had worked for years. Others, however, use the service without issue. It enables users to use data and functions across multiple platforms in multiple services – for example, with the convenient single sign-on – using secure API authorization. But how exactly does OAuth2 work and...

Keylogger

Keyloggers: how do they work and how do you protect yourself from them?

Keyloggers are programs or devices that get access to your credentials by recording your keystrokes. Keyloggers hide in operating system software and leak data. Some keylogger hardware is even more sophisticated, since it can document your keyboard behavior or tap directly into the data stream. Learn how keyloggers work and which variants are available in our guide. We also give you tips on how to...

TAN procedures

iTAN, mTAN, chipTAN? An overview of all TAN procedures

Security in online banking has always been a cornerstone of the industry – TAN procedures like chipTAN are what make it possible. However, there are also many other variants of this two-factor authentication system that can be used to protect your banking transactions. As they say, a chain is only as strong as its weakest link – and in this case, it’s the user. Find out which TAN procedures are...

Rainbow tables

What are rainbow tables?

Rainbow tables: they may sound innocent, but they’re actually a strong attack method for cybercriminals. Using rainbow tables, you can find out specific passwords in just a few seconds. To protect yourself and your users from such attacks, you should understand how the tables function. We explain rainbow tables using an example.