47°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

#Authentication

  • Ricky Mondello » Magic Links Have Rough Edges, but Passkeys Can Smooth Them Over (rmondello.com)
    Sun, Jan 5, 2025 12:41pm -08:00 #passkeys #email #authentication #login
  • A Yubico FAQ about passkeys - Yubico (www.yubico.com)
    Wed, Aug 17, 2022 2:30pm -07:00 #yubikey #authentication #security #fido #passkey
  • Authentication and authorization for Azure Static Web Apps | Microsoft Docs (docs.microsoft.com)
    Fri, Jul 23, 2021 5:22pm -07:00 #azure #authentication #oauth
  • The New Stack https://twitter.com/thenewstack
    Mobile Development Gains in Databases and Authentication https://bit.ly/3bxogWm @bcamerongain @alexwilliams @IanPWard @aaronpk @rdegges @okta #Sponsored #mobile #database #Authentication
    Portland, Oregon • 54°F
    Wed, Mar 10, 2021 11:37pm +00:00 (liked on Wed, Mar 10, 2021 3:56pm -08:00) #Sponsored #mobile #database #Authentication
  • Dima Postnikov https://twitter.com/dima_postnikov
    Great article by @aaronpk on why you should never roll your own authentication.
    https://aaronparecki.com/2020/05/31/30/the-real-cause-of-the-sign-in-with-apple-zero-day
    #cybersecurity #datasecurity #privacy #authentication #consumerdataright #openbanking
    Portland, Oregon • 50°F
    Mon, Jun 1, 2020 8:18am +00:00 (liked on Mon, Jun 1, 2020 6:31am -07:00) #cybersecurity #datasecurity #privacy #authentication #consumerdataright #openbanking
  • Jeremy Keith https://adactio.com/

    samuelgoto/sms-receiver: phone number verification

    September 7th, 2019

    An interesting proposal to allow websites to detect certain SMS messages. The UX implications are fascinating.

    Portland, Oregon • 62°F
    Sat, Sep 7, 2019 7:48am +00:00 (liked on Sat, Sep 7, 2019 7:20am -07:00) #sms #mobile #phones #devices #api #proposal #browsers #standards #authentication #verification #ux #ui #interface #flow
  • PodPass: Proposal for an Open Protocol to Enable Direct Listener Relationships – RadioPublic (about.radiopublic.com)
    Mon, Aug 12, 2019 1:32pm -05:00 #podcast #rss #authentication #spec
  • Using Hardware Token-based 2FA with the WebAuthn API – Mozilla Hacks – the Web developer blog (hacks.mozilla.org)
    "As a credential is cryptographically tied to the web site that requested it, this step would fail if the origins don’t match. This prevents reuse of credentials generated for other websites."
    Wed, Apr 11, 2018 6:17pm -07:00 #webauthn #authentication
  • Portier - An email-based, passwordless authentication service (portier.github.io)
    Tue, Nov 1, 2016 12:35pm -07:00 #portier #email #authentication #persona
  • Authentication Without Encryption for Ham Radio (rietta.com)
    Sun, Oct 30, 2016 6:16pm -07:00 #hamradio #radio #authentication
  • So you implemented an OAuth 2.0 API...

    While OAuth 2.0 is a good framework for building an API, the spec itself leaves many things un-specified, and it's up to the implementer to make a decision based on their own security requirements. As such, most OAuth 2.0 implementations are not interoperable, which is often cited as a failure of OAuth 2.0. On the other hand, the current state of OAuth 2.0 implementations is that they are often similar enough that developers don't need to learn too many new concepts when dealing with them.
    continue reading...
    19 likes 6 reposts 3 replies 5 mentions
    Thu, Jan 15, 2015 12:15pm -08:00 #oauth #oauth2 #standards #web #authentication #checklist
  • OAuth 2.0 and Sign-In (www.cloudidentity.com)
    OAuth 2.0 is not a sign-in protocol. Sign-in can be implemented by augmenting OAuth, and people routinely do so...
    Sat, Jan 3, 2015 7:49pm -08:00 #oauth #oauth2 #authentication #internet
  • Password-less Logins from Your Own Domain with a Pebble Watch

    IndieAuth is a way to use your own domain name to sign in to websites. To sign in, you enter your domain name, and IndieAuth looks for a supported authentication provider on your site and uses that to sign you in.
    continue reading...
    1 like 1 mention
    Mon, Jul 15, 2013 7:42pm -07:00 #indieauth #indieweb #pebble #authentication
  • OAuth 2 Simplified

    This post describes OAuth 2 in a simplified format to help developers and service providers implement the protocol.
    continue reading...
    2 mentions
    Sun, Jul 29, 2012 9:30am -07:00 #oauth #oauth2 #standards #web #authentication
  • Introducing IndieAuth

    IndieAuth is a service that implements RelMeAuth, originally proposed by Tantek Çelik in February 2010. The original algorithm was described in a short text update on Tantek's website. Later that evening, Jeff Lindsay and Paul Tarjan implemented RelMeAuth in an open source Python library at Hacker Dojo and discussed/tested it in IRC. Tantek later launched a RelMeAuth prototype on his domain, which you can try out at tantek.com/relmeauth.
    continue reading...
    Mon, Jun 18, 2012 11:46am -07:00 #indieauth #web #standards #authentication
  • BrowserID Quick Setup (developer.mozilla.org)
    Fri, May 18, 2012 8:17pm -07:00 #authentication #browserid
  • How BrowserID Works (lloyd.io)
    Fri, May 18, 2012 8:17pm -07:00 #authentication #browserid #mozilla
  • What is BrowserID and how does it work? (support.mozilla.org)
    Fri, May 18, 2012 8:16pm -07:00 #authentication #browserid #mozilla
  • Matasano Security LLC - Chargen - Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes (chargen.matasano.com)
    Fri, Sep 10, 2010 8:57am -07:00 #algorithm #authentication #crypto #cryptography #database #encryption #hash #md5 #password #php #security #web
  • OAuth / OAuth 2 (wiki.oauth.net)
    Tue, Jul 20, 2010 12:02pm -07:00 #authentication #geoloqi #oauth #oauth2
older

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv