Dark Reading

OAuth, OpenID Flaw: 7 Facts

The recently disclosed security flaws in some implementations of the widely used OAuth and OpenID website authentication mechanisms are serious. But they're not nearly as bad as the recently ...
Security Boulevard

The Complete Guide to Authentication Implementation for Modern Applications

A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, ...
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
Threat Post

Critical Holes in OAuth, OpenID Could Leak Information, Redirect Users

A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...
Bleeping Computer

SAML Vulnerability Lets Attackers Log in as Other Users

Security researchers from Duo Labs and the US Computer Emergency Response Team Coordination Center (CERT/CC) will release security advisories today detailing a new SAML vulnerability that allows ...
secureidnews.com

SAML 2.0: The Universal ID Solvent

Digital identity is becoming increasingly important as enterprises strive to protect and control access to online resources. A series of maturing standards is helping make identity management and ...
The Next Web

Facebook Connect, OAuth and OpenID: The differences and the future

With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...