October 6, 2017

POLITICO: Oregon Senator Ron Wyden Calls for Social Security Administration to Adopt FIDO Authentication

VIA POLITICO Morning Cybersecurity Report 10/6/17

NOW THAT’S WHAT I’M TOKEN ABOUT — The Social Security Administration should let Americans add an extra layer of hack-proof protection to the information they provide the agency, according to a leading cyber-focused lawmaker. In a letter to acting SSA Commissioner Nancy Berryhill, Oregon Sen. Ron Wyden said the agency should let people use physical tokens for two-factor authentication on their accounts. Unlike the most common two-factor approaches — text messages and authenticator apps — these tokens are “resistant to all phishing,” Wyden wrote. He pointed out that the agency had already started moving in this direction by making two-factor authentication mandatory for all accounts in June, and he commended the agency for adding a security feature to its website that would make it harder for cyber criminals to impersonate the government in phishing emails. The logical next step, he wrote, is the token-based Universal 2nd Factor, or U2F, standard. “Given the low cost of implementation and strong additional protection that U2F provides, I urge SSA to consider supporting U2F on an opt-in basis for workers and beneficiaries,” Wyden told Berryhill.

Read the story: http://www.politico.com/tipsheets/morning-cybersecurity/2017/10/06/latest-reported-nsa-cyber-tool-theft-raises-contractor-kaspersky-concerns-222693

Read the letter: https://www.finance.senate.gov/imo/media/doc/100517%20RW%20to%20SSA%20U2F.pdf

MORE FIDO in the News


Forbes: Apple Just Made A Striking New Security Move That Could Impact All Users

Apple has joined the FIDO Alliance as a board member,...

February 12, 2020

Engadget: Google offers free Titan security keys to help secure political campaigns

In a move to help tighten security within political campaigns,...

February 11, 2020

ZDNet: Google open-sources the firmware needed to build hardware security keys

Google has released a new open source project called OpenSK...

January 30, 2020

Engineering and Technology: Could Data Protection Day 2020 mark the beginning of the end for passwords?

The world has seen substantive improvements in authentication – and...

January 28, 2020
Download Specs