TechNewsPro_Masthead_2.jpg

The latest in NEWS, RESOURCES and JOBS

Lower the TCO of your legacy data wareho
Talend_Banner_728x90px_v1.jpg
  • Sahriar Shuvo - Tech Journalist

Passwordless GitHub: What’s next?

GitHub has planned to move out of the password-based authentication system in August 2021. A trial period of two weeks will be held ahead of the permanent implement to test out certain features. We have seen different types of authentication throughout the years.



Somewhere in 2004, Microsoft CEO Bill Gates announced: “Passwordless movement” for regular usage. In this follow-up, GitHub by Microsoft is launching its first mission accordingly. The intention is to move away from the hassle of the same old password pattern and make it far easier to authenticate on the user side. While the mobile or authentication device security is the baseline from the user end.


Authentication via password is an easy target. It’s just the wall between sensitive content and 3rd party. Although every secure password handler takes the password to encrypt method and it’s actually hard to crack. But we have been through enough to visualize that these passwords can be cracked too, one way or another.


The new update can push updates directly into the cloud without using manual passwords. While an OTP may be required for one-time authentication for temporary use. The direct change will be applied in the GitHub app and GitHub push functions. The git-gui is a perfect tool for developers to push updates on the cloud for users. GitHub security engineer Matthew Langlois described it as an announcement about the upcoming update. Implementation will begin in July 2021.


Cloning on default (HTTPS) is being done almost for all of the pushes and this change will give SSH a new life. SSH uses tokens or OAuth for regular usage. These tokens have values that are impossible to crack due to their randomness and the ability to be unique. User or in this case a developer can revoke access to the token and they are limited. This allows minimal access on the backend, securing the whole application.


Setting up for OAuth is not hard. Anyone using a 2FA is already enrolled to enjoy the new feature. The brownouts period will deliver all the messages and notifications for users who are not already aware of the change. Developers should already receive mail notifications to integrate OAuth or 2FA.


GitHub is also introducing a token scanning service and it will help to generate secure tokens instead of using weak passwords. Developers should be careful of how they include the tokens in deployed applications as it requires protection itself. Brute forcing, keylogging, random password dump will come to an end after this. A few other popular services may follow if it works out perfectly and we may soon live in a Passwordless world.

Element_300x600_June_2.jpg

LATEST RESOURCES

 

 

Parting the clouds. 

for greater security

Covid-19 has landed CSOs a unique opportunity to embrace web isolation.

Eliminate malware threats with zero trust 

Isolation-powered security provides full protection against email and Web based threats.

7 Customer Service Mistakes Companies Should Avoid Making

2020 was a tumultuous year but it did bring customer service back to the forefront of the business planning agenda for 2021. As you plan and prioritise your initiatives, it is important to avoid mistakes.

Integrating Compliance into Innovation: Taking Control Over Customer Communications

Compliance is one of those areas that is better off unnoticed. When compliance does get attention, it is usually because something has gone wrong and that is something that keeps executives up at night. It is easy to see why. 

Artificial Intelligence Based COVID Signature

Detection Software

The software takes the X-Rays and CT scans in digital format and analyses the X-Ray reports through uploading the images which is followed by detailed report about the patient suffering from COVID19 or similar ailments.

Six Steps to Drive Your

Process Center of Excellence to Success

Find out why yo need a center of excellence - and how save you time and money while improving experiences for both your customers and employees. 

Steps to Deliver Data You Can trust at the Speed of Business

Why trusted data is the key to digital transformation. Discover and cleanse your data. 

Organise data you can trust and empower people

Automate your data pipelines and enable data access.

2021 Threat Report 

Four Key Trends in the Cyber-Threat Landscape.

The security implications of remote working, SaaS takeover, rise of fearware, server side attacks, ransomware and Darktrace immune system.

Safe, inclusive communications for the University of Innsbruck

The open matrix is the foundation for secure, collaborative academic research and learning. Keen to support its learning culture, the university wanted to introduce a real time messaging system. 

Darktrace_Logo_Main.png
Element_Logo.jpg
eGain_logo.jpg
talend_Logo.png
MenloSecurity_Signature_Purple_RGB.jpg
MenloSecurity_Signature_Purple_RGB.jpg
nintex_logo.png
GMC_Software_Logo.jpg

    SUBSCRIBE

to our latest RESOURCES

to keep up to date with the

latest whitepapers

WP_GMC_Cover.jpg
WP_bold360_Cover.jpg