{"componentChunkName":"component---src-templates-blog-list-template-js","path":"/identity/66","result":{"data":{"allMarkdownRemark":{"edges":[{"node":{"excerpt":"Every day, societies are becoming more digitized. Instead of speaking to a colleague, you’ll chat online. To hail a cab, just tap your phone…","fields":{"slug":"/identity/ccpa-introduction/"},"html":"

Every day, societies are becoming more digitized. Instead of speaking to a colleague, you’ll chat online. To hail a cab, just tap your phone screen. Need a doctor? There’s an app for that, too. All of this online activity gives businesses valuable consumer data (e.g., name, age, email addresses).

\n

However, starting January 01, 2020, the way you collect, store, and share this data may land you in trouble. If you’re unsure how the California Consumer Privacy Act (CCPA) will impact your company, keep reading. This introduction to CCPA compliance focuses on the most common questions that businesses have today.

\n

For more detailed information, including the major differences between GDPR and CCPA, check out our infographic.

\n

For now, let’s start with the basics.

\n

What is the California Consumer Privacy Act?

\n

The CCPA’s goal is to give consumers more information and control over how their personal information is being used. It will apply to all businesses that handle or collect data from California residents.

\n

What is residency based on? Basically, anyone who pays taxes to the State of California is a California consumer, whether they currently live in the Golden State or not. This California residency law site explains more:

\n

“Under California law, a person who visits the state for other than a temporary or transitory purpose is also a legal resident, subject to California taxation. Even visits can result in residency status. Examples of such visits include an indefinite stay for health reasons, extended stays (usually over six months), retirement, or employment that requires a prolonged or indefinite period to accomplish.”

\n

How do you comply with the California Consumer Privacy Act?

\n

Preparing for compliance can feel overwhelming. In fact, in a recent survey of American companies, nearly half had not begun implementing privacy policies (TrustArc, 2019).

\n

However, here are three ways you can get started now.

\n

Ensure that your decision-makers and key stakeholders know:

\n\n

Document and organize customer information, so your company knows:

\n\n

This will help you set up an efficient system for information retrieval should a customer or auditor request that info. Enlisting a Data Protection Officer or a Data Protection Team to handle these requests is a good idea.

\n

Review and update your privacy policies.

\n

A GDPR Privacy Policy will meet CalOPPA/CCPA requirements, but a CalOPPA/CCPA policy might not be GDPR-compliant. To be safe, be sure that your CCPA privacy policy is clearly defined and easily distinguishable from GDPR regulations.

\n

It’s also helpful to train your customer-facing employees on how privacy policies and CCPA compliance can improve customer trust and increase engagement.

\n

\n \n \n

\n

CCPA 2.0: What You Need to Know About the New CPRA

\n

On November 3, 2020, the voters in California approved the Consumer Privacy Rights Act (on the ballot as Proposition 24) with 56.1% of the vote. This revised version of the CCPA will further strengthen the consumer privacy rights for California citizens.

\n

We are thrilled to announce the passage of #Prop24, the California Privacy Rights Act, with a decisive majority of Californians supporting the measure to strengthen consumer privacy rights. #California once again makes history and leads the nation!

\n

— Yes on Prop 24 — Californians for Consumer Privacy (@caprivacyorg) November 4, 2020_

\n

While some of the changes took effect immediately, the law would become effective on January 1, 2023 with the majority of the enforcement set for July 1 of that year.

\n

CCPA 2.0: Key Aspects of the New CPRA

\n

Most significant new additions include:

\n\n

CCPA 2.0: Key Differences with the CCPA

\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
Parameter\n CCPA\n CPRA\n
Consumer Rights\n \n
    \n
  • Right to Know/Access \n
  • Right to Delete \n
  • Right to Opt-out of Sale \n
  • Right to Non-Discrimination\n
    • \n
\n 		All rights defined under the CCPA, plus: \n
    \n
  • Right to Rectification \n
  • Right to Limit Use and Disclosure of Sensitive Personal Information \n
    • \n
\n
Employee and B2B Exemption\n Expires on Jan 1, 2021 \n Expires on Jan 1, 2023\n
Personal Information\n Information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with a consumer or household. \n Personal information, as well as “Sensitive Personal Information” which includes SSN, driver license numbers, biometric information, precise geolocation, and racial and ethnic origin etc. \n
Threshold Application\n It applies to businesses that collect personal information from California's consumers and meet any of the following:\n
    \n
  • A gross annual revenue of over $25 million.\n
  • Buy, receive, or sell the personal information of 50,000 or more California consumers, households, or devices.\n
  • Derive 50% or more of their annual revenue from selling California consumers’ personal information.\n
    • \n
\n 		It applies to businesses that collect personal information from California's consumers and meet any of the following:\n
    \n
  • A gross annual revenue of over $25 million.\n
  • Buy, receive, or sell the personal information of 100,000 or more California consumers, households, or devices.\n
  • Derive 50% or more of their annual revenue from selling or sharing California consumers’ personal information. \n
    • \n
\n
Enforcement\n \n
    \n
  • The Attorney General can pursue violations.\n
  • Consumers have a private right of action for a breach. \n
  • Businesses will have a 30–day cure period before imposing fine.\n
    • \n
\n 		\n
    \n
  • Consumers have a private right of action for a breach.\n
  • Businesses will be fined immediately with no cure period. \n
    • \n
\n
Use Limitation \n N/A \n Collection, retention, and use should be limited to what is necessary to provide goods or service. \n
\n

How Businesses Should Prepare for the New CPRA

\n

The good news for companies is that the implementation of the CPRA will not begin until July 2023. So, organizations have some time to plan out their new data policies.

\n

Step up data deletion policies

\n

Under CPRA, businesses will have to delete personal data after it has served its purpose. So, here's what you can do.

\n

Put an identity and access management (IAM) system in place to connect all personal data under centralized user profiles. With a single repository of consumer data, you can simplify compliance and abide more easily by the primary aspects of CPRA. They may include deleting personal data, making corrections, and offering reports to consumers upon request.

\n

Implement MFA for logins

\n

One way to improve the security of login credentials is by implementing multi-factor authentication (MFA). It puts a bar on automatic account access and enforces additional authentication layers such as a fingerprint or a one-time code in the event of an unusual login.

\n

It is a simple effort to prevent broken authentication attacks, such as credential stuffing, in which exposed login credentials become the gateway for identity thieves.

\n\n

With the CCPA, your organization needs to prepare for consent withdrawal. The LoginRadius Identity Platform centralizes all your customers’ personal information. You can document and manage your customers’ consent including withdrawal.

\n

Another core component of the CCPA is providing data access to auditors or customers, should they request it. With the LoginRadius Identity Platform, customer data is unified into one profile for easy access. You can also export it in an easy-to-read format.

\n

Last but not least, LoginRadius provides top-notch security that monitors and protects your customer data. For example, our CIAM software can encourage your customers to use intelligent passwords, protect the data against brute force attacks from hackers, block access to suspicious IPs, and more.

\n

Summary

\n

Following the old CCPA rules will not automatically lead to CCPA 2.0 compliance; don’t wait to be sued to find out. Let LoginRadius help your business become globally compliant. Not only does our technology meet the new CPRA regulations, but we continuously update it to meet new international privacy laws.

\n

\n \n \n

\n","frontmatter":{"date":"May 03, 2019","updated_date":null,"description":"On November 3, 2020, the voters in California approved the Consumer Privacy Rights Act (on the ballot as Proposition 24) with 56.1% of the vote. This revised version of the CCPA will further strengthen the consumer privacy rights for California citizens.","title":"California's CCPA 2.0 Passed: Everything You Need to Know About the New CPRA","tags":["ccpa","data privacy","compliance","customer trust"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":2.150537634408602,"src":"/static/6e185d6a87b7773ea2ca9a79de8d9527/c3e3a/ccpa-intro.jpg","srcSet":"/static/6e185d6a87b7773ea2ca9a79de8d9527/f836f/ccpa-intro.jpg 200w,\n/static/6e185d6a87b7773ea2ca9a79de8d9527/2244e/ccpa-intro.jpg 400w,\n/static/6e185d6a87b7773ea2ca9a79de8d9527/c3e3a/ccpa-intro.jpg 769w","sizes":"(max-width: 769px) 100vw, 769px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"The conventional employee identity and access management (IAM) systems were initially designed to manage employee identities. And they aren…","fields":{"slug":"/identity/iam-vs-ciam/"},"html":"

The conventional employee identity and access management (IAM) systems were initially designed to manage employee identities. And they aren’t potent enough to cater to customers' diverse needs pertaining to user experience and security.

\n

Apart from this, employee IAM also doesn’t help when the needs of consumers are growing with every passing year, and internal identity management systems are not built to keep up.

\n

Users now expect a seamless and secure customer experience across multiple platforms, devices, and touchpoints. And the conventional IAM will always struggle to meet these requirements.

\n

Customer Identity and Access Management (CIAM) solutions help to improve the customer experience, reduce security risks, shrink costs, and increase the availability of applications.

\n

CIAM solutions are becoming more commonly used in organizations today because they provide several benefits. For example, a customer identity and access management (CIAM) solution can improve the customer experience by increasing the flexibility and customization of applications.

\n

CIAM solutions can also reduce security risks by allowing users to access only those applications they need for their work tasks.

\n

Finally, these solutions can be very cost-effective because they allow companies to scale their technology needs by providing an easy way to manage all users with one set of tools.

\n

This is where customer IAM solutions come in. These solutions have been built to handle customer authentication requirements, scalability, privacy and data regulations, user experience, and integration.

\n

Compared to employee IAM, a customer identity and access management (CIAM) solution improves the customer experience, reduces security risks, shrinks costs, and increases the availability of applications.

\n

In this infographic, we compare the following features of both an IAM and CIAM solution:

\n\n

\n \n \n

\n","frontmatter":{"date":"March 21, 2019","updated_date":null,"description":"In order to serve customers, conventional identity management is no longer enough. This truly ought to go without saying. After all, internal management systems were initially designed to handle employee identities, and consumer preferences are not generally matched with their preferences of a successful user experience.","title":"IAM vs. CIAM: Which Solution is Right For You?","tags":["iam","ciam","identity management"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.408450704225352,"src":"/static/33f5de275c064ffdda7e9e501bd74fa7/0756a/IAM-vs-CIAM-V01.01-01-1.png","srcSet":"/static/33f5de275c064ffdda7e9e501bd74fa7/69585/IAM-vs-CIAM-V01.01-01-1.png 200w,\n/static/33f5de275c064ffdda7e9e501bd74fa7/497c6/IAM-vs-CIAM-V01.01-01-1.png 400w,\n/static/33f5de275c064ffdda7e9e501bd74fa7/0756a/IAM-vs-CIAM-V01.01-01-1.png 768w","sizes":"(max-width: 768px) 100vw, 768px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"The customer identity space is in a dynamic phase, with lots of activity around mergers and acquisitions (M&A) and investment. One notable…","fields":{"slug":"/identity/looking-gigya-alternative-try-loginradius-superior-modern-identity-platform/"},"html":"

The customer identity space is in a dynamic phase, with lots of activity around mergers and acquisitions (M&A) and investment.

\n

One notable event was the SAP acquisition of Gigya in late 2017.

\n

Now that a year has gone by, existing Gigya contracts are ending. Engineers are probably thinking that everything’s fine and that not much has changed with their customer identity solution.

\n

But as a leader, you should be worried. The Gigya technology may not have changed (yet) but the company that delivers it has changed significantly. Now is the time to start looking for the best Gigya alternatives.

\n

Acquisitions Create Problems for Customers

\n

M&A can be exciting for everyone associated with the acquired company. However, in some cases an acquisition can be damaging for customers, partners, and employees, depending on who the acquirer is.

\n

One such case is when the acquirer is significantly larger than the acquired company and they do not let the acquired company operate independently. The differences in size and power create culture clash, which is one of the top reasons that mergers fail.

\n

Culture clash then leads to staff turnover, which can be up to three times higher than in non-acquired companies.

\n

When employees and partners leave an acquired company, customers are the most hurt group among the three. Customers have to move quickly to find an alternative provider, and it also impacts resource allocation, service quality, and all of their future plans.

\n

This is the tough situation where Gigya customers now find themselves.

\n

Why Are Companies Looking for Other Solutions Like Gigya (SAP)?

\n

In the past twelve months, many customers have done their research on Gigya competitors and migrated away from Gigya to LoginRadius. We’ve heard from them about why they switched, and I wanted to share their feedback.

\n

“SAP is not a personality fit. It’s big, old, and slow.”

\n

Gigya no longer has its young, fast-moving culture from pre-acquisition days. It’s now part of a long-standing and enormous organization at SAP, which means a slower pace of technological innovation.

\n

SAP has 95,000 employees and Gigya had 500, which makes SAP 190 times larger. It’s not hard to guess which culture is going to win out.

\n

If your company chose Gigya because their agility and cutting-edge creativity were a great match for your corporate personality, there’s now a big disconnect.

\n

“Our contacts and partners are no longer there.”

\n

Customers aren’t the only ones who don’t want to make the leap to a different culture. Employees are even more affected by the organizational change, and a lot of them leave rather than try to adapt.

\n

Many of the people who took care of Gigya’s customers are gone by now. If you’re one of those customers, this turnover marks an end to your human relationship with Gigya.

\n

Then you get assigned to new account managers from the SAP culture and SAP strategies, not from Gigya’s young and innovative culture.

\n

“We’re now a tiny customer for the massive SAP enterprise.”

\n

Gigya used to be a small company with a few thousand customers. They were able to give quick personalized support.

\n

Now, as SAP, they have a huge client base.

\n

Perhaps you were in the top 10% of Gigya customers. Post-acquisition, you’re probably not even in the top 40% of customers. Big acquiring companies have customers who pay them $100 million or more, and you end up becoming a Tier 3 or 4 customer.

\n

You never get the same level of care you enjoyed before from your CIAM vendor.

\n

SAP is also outsourcing its support for Gigya customers to external partners who don’t necessarily have the level of expertise required. They may not understand your actual implementation. It can take days or weeks to resolve issues.

\n

“With SAP, we’re stuck using SAP products and technologies.”

\n

SAP Customer Data Cloud, the new name for Gigya’s customer identity and access management (CIAM) platform, is just a tiny part of the SAP universe. CIAM is now one offering out of 200.

\n

Gigya uses SAP servers for colocation, and they only have five regional data centers.

\n

Top 5 Reasons Companies Are Migrating from Gigya (SAP) to LoginRadius

\n

Many large brands, including a large media company with 30 million users, have migrated from Gigya/SAP to LoginRadius. Here are the top 5 reasons why big brands are considering LoginRadius as the best Gigya alternative.

\n

1. LoginRadius is a young and innovative company that is a leader in the CIAM space.

\n

“Innovate or die” is the mantra of the 21st century for tech businesses. The LoginRadius customer identity platform is the most modern offering in its class. In the security industry, it’s essential to stay current and jump on new developments quickly, and we have the agility to do that. The company has been recognized as a leader by many analyst firms, including KuppingerCole, Gartner, and Forrester.

\n

2. Customer identity is our core business.

\n

LoginRadius started in customer identity and it’s what we do. The full focus of our technology and business leadership is on creating modern customer experiences and helping businesses win customer trust.

\n

3. LoginRadius infrastructure is global and ready to scale.

\n

LoginRadius is deployed on Microsoft Azure cloud servers with failover to Amazon Web Services. Our platform scales to handle hundreds of millions of customers and over 150K logins per second. We have 35 global data storage centers (and counting).

\n

4. We have in-house customer support.

\n

LoginRadius offers our clients a dedicated support team, consisting of a customer success manager and implementation engineer. These are LoginRadius experts who understand your environment and resolve your issues quickly.

\n

5. LoginRadius has the best system availability.

\n

LoginRadius is the only CIAM platform on the market that guarantees 100% uptime, compared to 99.9% offered by other vendors. While other platforms have minutes to hours of unscheduled downtime as well as downtime for regular maintenance, LoginRadius is simply always available.

\n

Migration Program for Gigya Customers Looking to Move

\n

LoginRadius has migrated many customers, and we’re good at it. Our team will work with you through the whole process and manage the production deployment so there’s very little effort required on your side.

\n

We have automated software for a seamless migration and quick go-to-market, and we do most of the migration testing. Your users won’t be affected—they won’t even notice anything. Customers are pleasantly surprised at how simple the process is.

\n

If you’d like to hear more about customers making the switch to LoginRadius, contact us at 1-844-625-8889. We can also give you a demo so you can see how our features compare.

\n

\n \n \n As customer trust increases, businesses can request more data.

\n

The subsequent actions often take the place of secondary registration forms or event-driven calls to action for your customer to supply additional profile metadata. For example, you could request more detailed data only after a customer has logged in a certain number of times or navigated to a certain digital property.

\n

Progressive Profiling with Social Accounts

\n

Progressive profiling with social accounts is the process of progressively requesting additional OAuth Access permissions from your customers. This process allows you to minimize the access permissions requested and get business-critical access from your customers based on their social providers.

\n

\n \n \n An example of progressive profiling with social accounts

\n

Once the customer interacts more with your platform, you can begin requesting additional permissions from the social provider they are authenticating with. For example, you can ask for basic information, such as name and email, during registration, and then ask for birthdate, likes, and interests from the same customer at a later point.

\n

To learn more about how LoginRadius can improve customer experience and data collection using Progressive Profiling or other features, Book a demo today.

\n

\n \n \n

\n","frontmatter":{"date":"February 07, 2019","updated_date":null,"description":"A new feature of the LoginRadius Identity Platform is progressive profiling, which gradually collects data from customers in an automated way.","title":"Presenting: Progressive Profiling from LoginRadius","tags":["progressive profiling","cx","ciam solution"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/da44452f5513e8a73504016fe0488f80/33aa5/progrssive-profiling.jpg","srcSet":"/static/da44452f5513e8a73504016fe0488f80/f836f/progrssive-profiling.jpg 200w,\n/static/da44452f5513e8a73504016fe0488f80/2244e/progrssive-profiling.jpg 400w,\n/static/da44452f5513e8a73504016fe0488f80/33aa5/progrssive-profiling.jpg 768w","sizes":"(max-width: 768px) 100vw, 768px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"Introduction Security questions can add an extra layer of certainty to your authentication process. Security questions are an alternative…","fields":{"slug":"/identity/best-practices-choosing-good-security-questions/"},"html":"

Introduction

\n

Security questions can add an extra layer of certainty to your authentication process.

\n

Security questions are an alternative way of identifying your consumers when they have forgotten their password, entered the wrong credentials too many times, or tried to log in from an unfamiliar device or location.

\n

So, how do you define a good security question? We have come up with some basic guidelines that will help you create the best ones.

\n

What Makes a Good Security Question?

\n

The best security questions and answers make it easy for legitimate consumers to authenticate themselves without worrying about their account being infiltrated.

\n\n

You can minimize both of these outcomes by creating good security questions.

\n
    \n
  1. Safe: Cannot be guessed or researched.
    2. \n
  2. Stable: Does not change over time.
    3. \n
  3. Memorable: Can be remembered.
    4. \n
  4. Simple: Is precise, easy, and consistent.
    5. \n
  5. Many: Has many possible answers.
    6. \n
\n

You can see examples of good security questions from the University of Virginia. Let’s take a look at each of these criteria in more detail.

\n

1. Safe

\n

\n \n \n

\n

When choosing security question and answers, it’s extremely important that the correct answers cannot be guessed or researched over the internet.

\n

Here’s an example of a question that fails to meet these rules:

\n

“In what county were you born?”

\n

This question could be considered unsafe because the information can be found online. Also, this information may be common knowledge to friends and family members.

\n

Aside from these issues, if a hacker was interested in a specific account, it might be easy to brute-force their way past this question since there are only a fixed number of counties in each US state.

\n

2. Stable

\n

\n \n \n

\n

A good security question should have a fixed answer, meaning that it won’t change over time.

\n

A good example of a security question with a stable answer:

\n

“What is your oldest cousin’s first name?”

\n

This example works because the answer never changes.

\n

Note: Questions like this one might not apply to all users. Asking about someone’s wedding anniversary or cousins does them no good if they have never been married or have no cousins! It’s important to offer your consumers several questions to choose from to make sure they apply.

\n

Some examples of questions with unstable answers:

\n

“What is the title and artist of your favorite song?”

\n

“What is your work address?”

\n

Both of these examples make for poor security questions because their answers will change for most people over time. Many people change their minds about their favorite things over the course of their lives, and they also may change jobs or move to a different office location.

\n

3. Memorable

\n

\n \n \n

\n

A good security question should be easily answered by the account holders but not readily obvious to others or quickly researched.

\n

Examples of good memorable questions:

\n

“What is your oldest sibling's middle name?”

\n

Most consumers who have siblings know their middle name off the top of their heads, making this a good example of a memorable security question. This question is also excellent because someone would have to do quite a bit of digging to first find out who the consumer’s oldest sibling is, and then find their middle name in order to crack this question.

\n

“In what city or town did your mother and father meet?”

\n

Most consumers know the answer to a question like this, making it fit the criteria of being memorable. It is also more difficult to guess or research this fact. Best of all, it fits the stability criteria as well.

\n

\n \n \n

\n

Some examples of question and answers that are unmemorable include:

\n

“What is your car’s license plate number?”

\n

Many people don’t have their license plate number memorized. Also, it’s relatively simple for a potential intruder to do some digging and find this information for themselves.

\n

“What was your favorite elementary school teacher’s name?”

\n

The answer to this question may be quick to recall for someone younger, but for older consumers, things from their childhood can be a lot foggier. So answers to such questions might not come so easily. It’s good practice to try to avoid questions from a consumer’s childhood.

\n

4. Simple

\n

\n \n \n

\n

A simple question has a precise answer that doesn’t create confusion.

\n

Some examples of questions with simple answers:

\n

“What was your first car’s make and model? (e.g. Ford Taurus)”

\n

“What month and day is your anniversary? (e.g. January 2)”

\n

These both make for good security questions because the answers are specific. These questions show consumers how to format their answers in a memorable, simple way.

\n

But how many security questions should be asked? These questions can also be asked in a way that doesn’t give simple, precise answers:

\n

“What was your first car?”

\n

“When is your anniversary?”

\n

5. Many

\n

\n \n \n

\n

A good security question should have many potential answers. This makes guessing the answer much more difficult and will also slow down automated or brute-force attempts at gaining access to the consumer’s account.

\n

An example of a question with many possible answers:

\n

“What is the middle name of your oldest child?”

\n

A question with too few possible answers:

\n

“What is your birth month?”

\n

But wait. Is there any such thing as a good security question?

\n

By their very nature, even so-called good security questions are vulnerable to hackers because they aren’t random—users are meant to answer them in meaningful, memorable ways. And those answers could be obtained through phishing, social engineering, or research.

\n

There’s a scene in the movie Now You See Me 2 where a magician tricks his target into giving him the answers to his bank security questions. The magician guesses the answers and his target corrects him with the actual information. It’s a fictional example, but the phishing mechanics are real.

\n

Many social media memes tap into the answers to common security questions, such as the name of your first pet or the street you grew up on. So by innocently posting your superhero name or rapper name on Facebook, you’re inadvertently sharing important personal information.

\n

Security Questions You Should Avoid

\n

When it comes to creating security questions, there are certain types of questions that should be avoided. Questions that have answers that are easily guessed or found online should not be used.

\n

For example, questions like “What city were you born in?” or “What is your mother’s maiden name?” are too common and can be easily guessed or found online. Additionally, questions that are too personal or sensitive should also be avoided as they may make users uncomfortable or cause them to reveal too much personal information.

\n

Examples of questions to avoid include “What is your social security number?” or “What is your salary?”

\n

List of Good Security Questions One Can Use

\n

Choosing good security questions can be challenging, but there are certain types of questions that can be effective.

\n

Good security questions should have answers that are easy for the user to remember but difficult for someone else to guess. For example, questions about personal preferences or experiences can be effective, such as “What is your favorite movie?” or “What was the name of your first pet?”

\n

Another effective approach is to use questions that require numerical answers, such as “What is your favorite number?” or “How many siblings do you have?”

\n

Security Question Best Practices

\n

When choosing security questions, there are several best practices to keep in mind. First, it is important to choose questions that are easy for the user to remember but difficult for others to guess or find online.

\n

Additionally, it is important to avoid using questions that are too personal or sensitive. Another best practice is to avoid using the same security questions for multiple accounts, as this can make it easier for hackers to gain access to multiple accounts if they can answer the same security questions.

\n

Finally, it is important to regularly update security questions and answers, as well as to use two-factor authentication or other security measures to further protect accounts. By following these best practices, users can create strong security questions that help protect their online accounts.

\n

What Authentication Methods are Good Alternatives to Security Questions?

\n

Passwords and security questions aren’t the only methods for locking down consumer accounts. A good CIAM solution offers several secure alternatives:

\n

1. Multi-factor authentication

\n

Multi-factor authentication is a much more robust and secure method of consumer authentication that relies on two or more ways of verifying the consumer’s identity. Typically, the consumer will be required to present something that they know, something they possess, and/or something they are. Some examples of these different factors are:

\n\n

As an example, the MBNA bank recently decided that security questions were not doing enough for them and their consumers to keep their accounts safe. To upgrade their security, they decided to go with two-factor authentication instead of security questions in order to verify their consumer’s identities.

\n

\n \n \n

\n

Source: MBNA website

\n

In these screenshots, you can see that the transition from security questions to two-factor authentication was fairly seamless for MBNA consumers. They even had the option to choose how often they would be prompted to provide a security code as their second factor.

\n

\n \n \n

\n

Source: MBNA website

\n

2. Strong password rules

\n

By requiring your consumers to follow strong password rules, you minimize the risk of hackers brute-forcing their way into their accounts. Lengthy alphanumeric passwords with special and non-repeating characters are much more difficult for an attacker to guess. It also takes significantly longer for brute force programs to break in.

\n

3. Passwordless Login

\n

Passwordless Login takes the password right out of the equation. consumers log in with a key fob, a biometric such as a fingerprint, or a magic link. This login method eliminates the issue of consumers forgetting passwords entirely, and it also makes it impossible for hackers to crack their accounts by brute-forcing.

\n

Conclusion

\n

If you’re interested in learning why passwords are slowly becoming a thing of the past, download our e-book The Death of Passwords. There are better authentication methods than passwords and security questions available for your company—and with support from LoginRadius, you can adopt them quickly and easily.

\n

\n \n \n

\n","frontmatter":{"date":"January 31, 2019","updated_date":null,"description":"Security questions will bring to your authentication process an extra layer of certainty. Security problems are an alternative way to recognise your customers when they have forgotten their password, entered too many times the wrong passwords, or attempted to log in from a location or unknown computer.","title":"Best Practices for Choosing Good Security Questions","tags":["data security","password management","cx"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/f79a91f9673ff866743dad68c04204fe/33aa5/security-questions.jpg","srcSet":"/static/f79a91f9673ff866743dad68c04204fe/f836f/security-questions.jpg 200w,\n/static/f79a91f9673ff866743dad68c04204fe/2244e/security-questions.jpg 400w,\n/static/f79a91f9673ff866743dad68c04204fe/33aa5/security-questions.jpg 768w","sizes":"(max-width: 768px) 100vw, 768px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"The Dangers of Bad Password Hygiene Many people use their email addresses and a small set of passwords (or even just one password) to log in…","fields":{"slug":"/identity/how-do-i-know-if-my-email-has-been-leaked-in-a-data-breach/"},"html":"

The Dangers of Bad Password Hygiene

\n

Many people use their email addresses and a small set of passwords (or even just one password) to log in to their online accounts. Unfortunately, this means that any hacker with your email address already has half your login details. Add in numerous password breaches from big-name digital service providers and you have a recipe for disaster.

\n

Since most people still recycle versions of their passwords, once one of them is released in a data leak, it could mean that all of your online accounts are compromised thanks to bad password hygiene.

\n

Even if you're one of the many people who use a selection of different passwords based on some sort of theme or the rearrangement of certain elements, an attacker could combine knowledge of one password with a brute force attack or social engineering to more easily discover your other passwords.

\n

Have I Been Pwned? Good Question!

\n

Luckily there's a well-trusted website where anyone can quickly find out if their email address has been compromised in an email leak and which company leaked your data. Have I Been Pwned? (HIBP) was set up by Troy Hunt, a highly respected digital security expert.

\n

It’s simple to find out if your email address has been compromised. Just go to Have I Been Pwned? to search their database of leaked details.

\n

HIBP doesn't just include leaked emails, but (as my friend found out) other personal data that has been exposed on the web. What you learn may surprise you—I asked a friend to try a few of their emails, and though all of their passwords were safe, other bits of personal data had been leaked by several marketing data aggregation companies.

\n

Hackers make use of many types of personal data, combining databases with known passwords when they do leak to make cracking your accounts that much quicker, so any sort of data leak can be risky.

\n

Check a few of your emails on the site, and chances are that at least one of them will have been involved in a data leak at some point, even if your passwords haven't been released.

\n

There's also a handy password checker to find out if a certain password has made its way into the public domain. (Don’t worry, the site uses hashing to keep your password anonymous and doesn’t store it.)

\n

\n \n \n

\n

Out of curiosity I checked the statistics for using \"password\" as a password—it turned out to have been pwned 3,533,661 times, a stark reminder that common sense doesn't always triumph when humans are left to their own devices regarding password strength.

\n

Subscribing to Have I Been Pwned is free and doing so will alert you to future leaks involving that email address as soon as they become public; adding additional emails is straightforward and doesn't incur any additional fees. As a website owner or administrator, you can also set up alerts that let you know if any email addresses associated with your domain have been compromised.

\n

What Should I Do if I Find My Address in an Email Leak?

\n

\n \n

If you're responsible for your company’s data security or digital platforms, then you're probably acutely aware of this fact.

\n

LoginRadius has a vested interest in maintaining the highest levels of data protection. 

\n

\n \n \n

\n","frontmatter":{"date":"January 10, 2019","updated_date":null,"description":"To log into their online accounts, many individuals use their email addresses and a short collection of passwords (or even only one password). Sadly, this means that every hacker already has half your login information with your email address. Add in multiple login violations from big-name digital service providers and you have a catastrophe recipe.","title":"How Do I Know If My Email Has Been Leaked in a Data Breach?","tags":["data security","password management","cx"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/68e50fe405a78a6072d742de4e3eecd7/33aa5/email-breach.jpg","srcSet":"/static/68e50fe405a78a6072d742de4e3eecd7/f836f/email-breach.jpg 200w,\n/static/68e50fe405a78a6072d742de4e3eecd7/2244e/email-breach.jpg 400w,\n/static/68e50fe405a78a6072d742de4e3eecd7/33aa5/email-breach.jpg 768w","sizes":"(max-width: 768px) 100vw, 768px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}}]},"markdownRemark":{"excerpt":"Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards…","fields":{"slug":"/identity/developer-first-identity-provider-loginradius/"},"html":"

Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards and refining approaches to building secure, seamless experiences.

\n

We’re here to support developers on that journey. We know how important simplicity, efficiency, and well-structured documentation are when working with identity and access management solutions. That’s why we’ve redesigned the LoginRadius website—to be faster, more intuitive, and developer-first in every way.

\n

The goal? Having them spend less time searching and more time building.

\n

What’s New and Improved on the LoginRadius Website?

\n

LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve spent the last few months redesigning our interface— making navigation more intuitive and reassuring that essential resources are easily accessible.

\n

Here’s a closer look at what’s new and why it’s important:

\n

A Developer-Friendly Dark Theme

\n

\"This

\n

Developers spend long hours working in dark-themed IDEs and terminals, so we’ve designed the LoginRadius experience to be developer-friendly and align with that preference.

\n

The new dark mode reduces eye strain, enhances readability, and provides a seamless transition between a coding environment and our platform. Our new design features a clean, modern aesthetic with a consistent color scheme and Barlow typography, ensuring better readability. High-quality graphics and icons are thoughtfully placed to enhance the content without adding visual clutter.

\n

So, whether you’re navigating our API docs or configuring authentication into your system, our improved interface will make those extended development hours more comfortable and efficient.

\n

Clear Categorization for LoginRadius Capabilities

\n

\"This

\n

We’ve restructured our website to provide a straightforward breakdown of our customer identity and access management platform capabilities, helping you quickly find what you need:

\n\n

This structured layout ensures you can quickly understand each capability and how it integrates into your identity ecosystem.

\n

Developer-First Navigation

\n

\"This

\n

We’ve been analyzing developer workflows to identify how you access key resources. That’s why we redesigned our navigation with one goal in mind: to reduce clicks and make essential resources readily available.

\n

The new LoginRadius structure puts APIs, SDKs, and integration guides right at the menu bar under the Developers dropdown so you can get started faster. Our Products, Solutions, and Customer Services are also clearly categorized, helping development teams quickly find the right tools and make informed decisions.

\n

Quick Understanding of Integration Benefits

\n

\"This

\n

Developers now have a clear view of the tech stack available with LoginRadius, designed to support diverse business needs.

\n

Our platform offers pre-built SDKs for Node.js, Python, Java, and more, making CIAM integration seamless across popular programming languages and frameworks.

\n

Over to You Now!

\n

Check out our revamped LoginRadius website and see how the improved experience makes it easier to build, scale, and secure your applications.

\n

Do not forget to explore the improved navigation and API documentation, and get started with our free trial today. We’re excited to see what you’ll build with LoginRadius!

\n","frontmatter":{"date":"February 21, 2025","updated_date":null,"description":"LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve redesigned our website interface, making navigation more intuitive and reassuring that essential resources are easily accessible.","title":"Revamped & Ready: Introducing the New Developer-First LoginRadius Website","tags":["Developer tools","API","Identity Management","User Authentication"],"pinned":true,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7857142857142858,"src":"/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp","srcSet":"/static/80b4e4fbe176a10a327d273504607f32/61e93/hero-section.webp 200w,\n/static/80b4e4fbe176a10a327d273504607f32/1f5c5/hero-section.webp 400w,\n/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp 800w,\n/static/80b4e4fbe176a10a327d273504607f32/99238/hero-section.webp 1200w,\n/static/80b4e4fbe176a10a327d273504607f32/7c22d/hero-section.webp 1600w,\n/static/80b4e4fbe176a10a327d273504607f32/1258b/hero-section.webp 2732w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},"pageContext":{"limit":6,"skip":390,"currentPage":66,"type":"//identity//","numPages":70,"pinned":"ee8a4479-3471-53b1-bf62-d0d8dc3faaeb"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}