Have you ever come across something years old that is so dead on about a topic important to you that you can’t believe you didn’t know it existed? I felt that way when I stumbled across an excellent ...

There’s no arguing that passwords are becoming less and less reliable in protecting our data and identities. Their management, protection and memorization are becoming increasingly problematic, and ...

A deep dive into implicit identity authentication methods for software development, covering oauth 2.0 flows, security risks, and modern alternatives for single-page applications.

As promised last issue, I’m re-printing a glossary of strong/second factor authentication methods that TriCipher provided me along with the results of its sponsored survey on people’s perceptions of ...

A deep dive comparing API Keys, OAuth 2.0, JWT, and HMAC for CTOs. Learn which api authentication method fits your enterprise SSO and IAM strategy.

With strong support from Google, Microsoft and other vendors, WebAuthN is poised to become a true standard for passwordless authentication over the web. For decades we’ve been trying to replace the ...

In today’s digital age, personal data is never safe. Cybercriminals are looking for every opportunity possible to acquire your user data. Ongoing data breaches continue to expose usernames, passwords, ...