eID and SSI

The eIDAS regulation came to life in 2014. Now it looks like decentralized identities (self-sovereign identities) for eIDs will follow. The idea is interesting: the user is in control of their identities. So far, however, self-sovereign identities has been a research topic and have hardly been tested in real-world. This raises the question which lessons […]

Nerdhorn and Fallback Authentication


Fallback Authentication describes the authentication method that is used if one of the commonly used factors does not work. The nerdhorn usually authenticates itself via face recognition on the smartphone. However, it is no longer recognized by the mask, for example. As an alternative, the font counts here. As is the case here, the alternative […]

Nerdhorn and Credential Stuffing


Account or credential stuffing is an attack in which the attacker tries out stolen credentials, usually username / email address and password, on many different websites. This attack can be automated by tools for automation in the web area, such as Selenium, curl or PhantomJS, or special tools such as SNIPR or STORM. This attack […]