Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/30/2009
01:28 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Name.com Offers Clients Two-Factor Authentication From VeriSign

By joining the VeriSign Identity Protection (VIP) Network, Name.com can provide its clients with safeguards that go beyond the standard log-in methods

Mountain View, Calif. " January 28, 2009 " In the wake of some recent high-profile hacker attempts to steal the passwords of millions of customers, businesses, including domain name service providers, are exploring options for added protection to ensure that Web site administrators and domain name registrants can manage their Web-based property with confidence.

Name.com LLC, is leading the way by offering its clients the chance to use strong, two-factor authentication from VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure for the networked world.

By joining the VeriSign' Identity Protection (VIP) Network, Name.com can provide its clients with safeguards that go beyond the standard log-in methods.

Two-factor authentication works by combining something users know " their username and password " with something they have " a VIP security credential that generates a one-time password (OTP) for every sign-on. During an online session, this OTP is entered into the Name.com account log-in page, along with the user's account name and password. Name.com then verifies the OTP and matches it to the account holder, thus enabling its clients to achieve strong " or two-factor " authentication.

"Domain names are digital brands, and we bear huge responsibility to ensure that their clients have access to the most advanced security safeguards available," said Bill Mushkin, CEO and founder at Name.com. "Offering VIP credentials is an important part of meeting that obligation, and it's one that VeriSign has helped us meet quickly and easily. The globally trusted VeriSign brand will reassure our customers, while membership in the VIP Network offers them convenient access to strong authentication on many Web sites the world over."

The unique VIP Network allows consumers to use a single security device to authenticate themselves across any VIP-enabled Web site. As a result, Name.com-issued credentials can be used not only on the Name.com login portal but also on any site that is part of the VIP Network. For domain name service providers and other businesses, joining the VIP Network helps distribute the costs of stronger authentication.

"Name.com has clearly taken the initiative to protect its clients against security breaches that have come from using simple user names and passwords," said Kerry Loftus, vice president of Consumer Authentication Solutions at VeriSign. "By joining the VIP Network, Name.com is taking a strategic step to ensure its clients have a safe, secure and convenient environment in which to do business online."

About Name.com LLC Name.com is a unique, independent, and fully ICANN-accredited domain registrar. Its goal is to fully meet every customer's needs and wants for domain name registration and renewal by offering retail, aftermarket and expiring names services. For more information, visit www.name.com.

About VeriSign VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

Contacts Christina Rohall, [email protected], 650-336-4663 Investor Relations: Nancy Fazioli, [email protected] , 650-426-5146

Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements involve risks and uncertainties that could cause VeriSign's actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of future revenue and profitability and potential fluctuations in quarterly operating results due to such factors as the inability of VeriSign to successfully develop and market new products and services and customer acceptance of any new products or services, including VeriSign Identity Protection services; the possibility that VeriSign's announced new services may not result in additional customers, profits or revenues; and increased competition and pricing pressures. More information about potential factors that could affect the company's business and financial results is included in VeriSign's filings with the Securities and Exchange Commission, including in the company's Annual Report on Form 10-K for the year ended December 31, 2007 and quarterly reports on Form 10-Q. VeriSign undertakes no obligation to update any of the forward-looking statements after the date of this press release.

2009 VeriSign, Inc. All rights reserved. VeriSign, the VeriSign logo, the checkmark circle, and other trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc., and its subsidiaries in the United States and in foreign countries. All other trademarks are property of their respective owners. # # #

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27187
PUBLISHED: 2020-10-26
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related command...
CVE-2020-7752
PUBLISHED: 2020-10-26
This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
CVE-2020-7127
PUBLISHED: 2020-10-26
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7196
PUBLISHED: 2020-10-26
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the ur...
CVE-2020-7197
PUBLISHED: 2020-10-26
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* U...