Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/30/2009
01:28 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Name.com Offers Clients Two-Factor Authentication From VeriSign

By joining the VeriSign Identity Protection (VIP) Network, Name.com can provide its clients with safeguards that go beyond the standard log-in methods

Mountain View, Calif. " January 28, 2009 " In the wake of some recent high-profile hacker attempts to steal the passwords of millions of customers, businesses, including domain name service providers, are exploring options for added protection to ensure that Web site administrators and domain name registrants can manage their Web-based property with confidence.

Name.com LLC, is leading the way by offering its clients the chance to use strong, two-factor authentication from VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure for the networked world.

By joining the VeriSign' Identity Protection (VIP) Network, Name.com can provide its clients with safeguards that go beyond the standard log-in methods.

Two-factor authentication works by combining something users know " their username and password " with something they have " a VIP security credential that generates a one-time password (OTP) for every sign-on. During an online session, this OTP is entered into the Name.com account log-in page, along with the user's account name and password. Name.com then verifies the OTP and matches it to the account holder, thus enabling its clients to achieve strong " or two-factor " authentication.

"Domain names are digital brands, and we bear huge responsibility to ensure that their clients have access to the most advanced security safeguards available," said Bill Mushkin, CEO and founder at Name.com. "Offering VIP credentials is an important part of meeting that obligation, and it's one that VeriSign has helped us meet quickly and easily. The globally trusted VeriSign brand will reassure our customers, while membership in the VIP Network offers them convenient access to strong authentication on many Web sites the world over."

The unique VIP Network allows consumers to use a single security device to authenticate themselves across any VIP-enabled Web site. As a result, Name.com-issued credentials can be used not only on the Name.com login portal but also on any site that is part of the VIP Network. For domain name service providers and other businesses, joining the VIP Network helps distribute the costs of stronger authentication.

"Name.com has clearly taken the initiative to protect its clients against security breaches that have come from using simple user names and passwords," said Kerry Loftus, vice president of Consumer Authentication Solutions at VeriSign. "By joining the VIP Network, Name.com is taking a strategic step to ensure its clients have a safe, secure and convenient environment in which to do business online."

About Name.com LLC Name.com is a unique, independent, and fully ICANN-accredited domain registrar. Its goal is to fully meet every customer's needs and wants for domain name registration and renewal by offering retail, aftermarket and expiring names services. For more information, visit www.name.com.

About VeriSign VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

Contacts Christina Rohall, [email protected], 650-336-4663 Investor Relations: Nancy Fazioli, [email protected] , 650-426-5146

Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements involve risks and uncertainties that could cause VeriSign's actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of future revenue and profitability and potential fluctuations in quarterly operating results due to such factors as the inability of VeriSign to successfully develop and market new products and services and customer acceptance of any new products or services, including VeriSign Identity Protection services; the possibility that VeriSign's announced new services may not result in additional customers, profits or revenues; and increased competition and pricing pressures. More information about potential factors that could affect the company's business and financial results is included in VeriSign's filings with the Securities and Exchange Commission, including in the company's Annual Report on Form 10-K for the year ended December 31, 2007 and quarterly reports on Form 10-Q. VeriSign undertakes no obligation to update any of the forward-looking statements after the date of this press release.

2009 VeriSign, Inc. All rights reserved. VeriSign, the VeriSign logo, the checkmark circle, and other trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc., and its subsidiaries in the United States and in foreign countries. All other trademarks are property of their respective owners. # # #

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18629
PUBLISHED: 2021-03-04
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a com...
CVE-2019-18628
PUBLISHED: 2021-03-04
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information dis...
CVE-2021-21331
PUBLISHED: 2021-03-03
The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive info...
CVE-2021-27940
PUBLISHED: 2021-03-03
resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter.
CVE-2021-21312
PUBLISHED: 2021-03-03
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/documen...