Are Passwords Putting Your Business at Risk?
Attackers Are Not Hacking In. They Are Logging In. Ransomware, phishing, and credential-based...
The Betterment Breach Should Have Ended the Debate. It Didn’t.
By Kevin Surace | 4 minute read
The Betterment breach should not have surprised anyone paying attention, and it certainly should have ended the long-running argument about whether modern MFA is sufficient against today’s attacks. Instead, it became just another entry in a growing list of incidents that organizations explain away as bad luck, poor training, or unfortunate human error.
Your MFA Is Costing You Millions. It Doesn't Have To.
Most organizations still think of authentication as a cost of doing business.
AI Deepfakes Are Breaking Trust.
Device Based Biometrics Are the Only Way to Restore It.
Cyber Defense Magazine Features Token on Real Time Phishing Relay Attacks
Cyber Defense Magazine’s December issue includes a new article by Kevin Surace, Chair at Token,...
Doordash Was Breached for the Same Reason Everyone Is: Legacy MFA
Another Preventable Breach Another week. Another preventable breach. This time it is Doordash,...
Everyone Who Matters Says Move to Phishing Resistant/Proof MFA Now
What do CISA, NSA, NIST, OMB, DHS, the Department of Defense, Gartner, Microsoft, Google, the FIDO...
Tycoon 2FA and the Collapse of Legacy MFA
As seen in Bleeping Computer The Tycoon 2FA phishing kit signals a turning point in the battle...
-1.png)
Breaking the Ransomware Kill Chain: Why Legacy MFA is Failing
Ransomware attacks are rising faster than ever, and most share a common weakness — authentication...
PixSnapping: The Android Exploit That Turns 2FA Into an Open Book—and Why Token Stops It Cold
A newly published academic paper introduces a new hacker tool called PixSnapping (download PDF), an...