NIST Recommends SMS Two-Factor Authentication Deprecation

This is an intriguing draft document by NIST concerning SMS and two-factor authentication.  This is a commonly used technique for many two-factor providers so conversion to more secure methods may take time.  This is certainly not a finalized recommendation and adoption will take time if it moves forward.

https://threatpost.com/nist-recommends-sms-two-factor-authentication-deprecation/119507/

LastPass password manager “zero-day” bug hits the news

This is a very good, common sense explanation of the “zero-day” vulnerability that has been discussed in the press for the popular password manager LastPass.  I agree that caution is warranted, but I do not believe it is time to wholesale abandon the product or the use of password managers in general.  Watch for the patch and apply as soon as possible.

https://nakedsecurity.sophos.com/2016/07/27/lastpass-password-manager-zero-day-bug-hits-the-news/