Atsign introduces NoPorts for enhanced website security

NoPorts now makes private websites invisible to attackers and accessible only through cryptographically authenticated connections.

Atsign has announced a new technology called NoPorts that enhances the security of private websites. This solution creates invisibility for these sites until users are cryptographically authenticated, mitigating potential attack avenues by ensuring that only authorized individuals can gain access.

Private websites, often holding sensitive information for entities like legal and financial organizations, usually maintain open ports which can lead to unauthorized access attempts. Such vulnerabilities allow attackers to exploit common methods, including credential stuffing and brute-force attacks.

“Current 'private' websites are fundamentally flawed. They are easily discovered by bad actors thanks to open ports and allow connections prior to authentication, enabling a variety of attacks. NoPorts flips that model, by closing all inbound network ports and demanding cryptographic proof of identity before any connection, ensuring true invisibility and security,” said Barbara Tallent, CEO of Atsign.

NoPorts enhances security through:

• Invisibility - By closing open ports, NoPorts prevents unauthorized discovery and access.
• Cryptographic identity verification - This replaces traditional authentication methods by requiring cryptographic proof before allowing connections.
• End-to-End Encryption (E2EE) - Ensures that all communications remain protected, even on compromised networks.

This method aims to strengthen security without complicating accessibility for authorized users. NoPorts simplifies the management of security resources while helping reduce organizational IT overhead.

The announcement builds upon ongoing developments in NoPorts technology, which has already been implemented for various devices and models, indicating its wide-ranging applicability.