Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...

Google announced Monday that it has embraced OAuth for Google Apps, replacing a less secure system for developers. "Until today, Google Apps administrators had to sign requests for calls to Google ...

Researchers have discovered a set of previously unknown methods to launch URL redirection attacks against weak OAuth 2.0 implementations. These attacks can lead to the bypassing of phishing detection ...

Digital identity is becoming increasingly important as enterprises strive to protect and control access to online resources. A series of maturing standards is helping make identity management and ...

A security researcher has uncovered serious security vulnerabilities in the technologies used by many websites to authenticate users via third-party websites. A blog posted late last week revealed the ...

As identity and access management and single sign-on become more prevalent across government, IT pros should catch up on the differences between different security protocols. In April 2018, the Office ...

Signing users in to a mobile or web app isn’t necessarily hard, but keeping their credentials safe is something that’s often best left to specialists. The OpenID Foundation today announced the launch ...

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on (SSO) access experience among multiple ...

Options for building enterprise authentication infrastructure are expanding as new RESTful service alternatives emerge to support identity and security needs, such as federation, digital signatures, ...

Federation is a model of identity management that distributes the various individual components of an identity operation amongst different actors. The presumption being that the jobs can be ...