Symas has produced another in its series of maintenance releases for its Symas OpenLDAP Gold subscribers.
Before the latest changes, using the DA checks was more complicated. In addition to the HTTP Basic Auth creds, callers had to pass the administrator’s session in the payload of the request. This made it harder to use and (worse) less secure.
We don’t have to throw the baby out with the bathwater. RBAC has many good aspects that we’d like to preserve. It’s standards-based, meaning various implementations should interoperate. It works, and is already in place, pretty much everywhere. But we’d like to be able to sprinkle in a bit of context, allowing us to fix the role explosion problem, without breaking its interoperability, or bringing in another implementation, with yet another protocol.
50% of networks and websites that aren’t using 2FA are open to shared-password attacks. Is yours one of them? How many of the users in your network use the same password on external sites with questionable security? Ondrej Kuznik offers insight on how OpenLDAP users can implement 2FA today.
We all know there’s not a foolproof way to secure computing systems. But there are steps that can mitigate the risk of exposure once the inevitable breach occurs.