61°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

#Authentication

  • A Yubico FAQ about passkeys - Yubico (www.yubico.com)
    #yubikey #authentication #security #fido #passkey
    Wed, Aug 17, 2022 2:30pm -07:00
  • Authentication and authorization for Azure Static Web Apps | Microsoft Docs (docs.microsoft.com)
    #azure #authentication #oauth
    Fri, Jul 23, 2021 5:22pm -07:00
  • The New Stack https://twitter.com/thenewstack
    Mobile Development Gains in Databases and Authentication https://bit.ly/3bxogWm @bcamerongain @alexwilliams @IanPWard @aaronpk @rdegges @okta #Sponsored #mobile #database #Authentication
    Portland, Oregon • 54°F
    #Sponsored #mobile #database #Authentication
    Wed, Mar 10, 2021 11:37pm +00:00 (liked on Wed, Mar 10, 2021 3:56pm -08:00)
  • Dima Postnikov https://twitter.com/dima_postnikov
    Great article by @aaronpk on why you should never roll your own authentication.
    https://aaronparecki.com/2020/05/31/30/the-real-cause-of-the-sign-in-with-apple-zero-day
    #cybersecurity #datasecurity #privacy #authentication #consumerdataright #openbanking
    Portland, Oregon • 50°F
    #cybersecurity #datasecurity #privacy #authentication #consumerdataright #openbanking
    Mon, Jun 1, 2020 8:18am +00:00 (liked on Mon, Jun 1, 2020 6:31am -07:00)
  • Jeremy Keith https://adactio.com/

    samuelgoto/sms-receiver: phone number verification

    September 7th, 2019

    An interesting proposal to allow websites to detect certain SMS messages. The UX implications are fascinating.

    Portland, Oregon • 62°F
    #sms #mobile #phones #devices #api #proposal #browsers #standards #authentication #verification #ux #ui #interface #flow
    Sat, Sep 7, 2019 7:48am +00:00 (liked on Sat, Sep 7, 2019 7:20am -07:00)
  • PodPass: Proposal for an Open Protocol to Enable Direct Listener Relationships – RadioPublic (about.radiopublic.com)
    #podcast #rss #authentication #spec
    Mon, Aug 12, 2019 1:32pm -05:00
  • Using Hardware Token-based 2FA with the WebAuthn API – Mozilla Hacks – the Web developer blog (hacks.mozilla.org)
    "As a credential is cryptographically tied to the web site that requested it, this step would fail if the origins don’t match. This prevents reuse of credentials generated for other websites."
    #webauthn #authentication
    Wed, Apr 11, 2018 6:17pm -07:00
  • Portier - An email-based, passwordless authentication service (portier.github.io)
    #portier #email #authentication #persona
    Tue, Nov 1, 2016 12:35pm -07:00
  • Authentication Without Encryption for Ham Radio (rietta.com)
    #hamradio #radio #authentication
    Sun, Oct 30, 2016 6:16pm -07:00
  • So you implemented an OAuth 2.0 API...

    While OAuth 2.0 is a good framework for building an API, the spec itself leaves many things un-specified, and it's up to the implementer to make a decision based on their own security requirements. As such, most OAuth 2.0 implementations are not interoperable, which is often cited as a failure of OAuth 2.0. On the other hand, the current state of OAuth 2.0 implementations is that they are often similar enough that developers don't need to learn too many new concepts when dealing with them.
    continue reading...
    19 likes 6 reposts 3 replies 5 mentions
    #oauth #oauth2 #standards #web #authentication #checklist
    Thu, Jan 15, 2015 12:15pm -08:00
  • OAuth 2.0 and Sign-In (www.cloudidentity.com)
    OAuth 2.0 is not a sign-in protocol. Sign-in can be implemented by augmenting OAuth, and people routinely do so...
    #oauth #oauth2 #authentication #internet
    Sat, Jan 3, 2015 7:49pm -08:00
  • Password-less Logins from Your Own Domain with a Pebble Watch

    IndieAuth is a way to use your own domain name to sign in to websites. To sign in, you enter your domain name, and IndieAuth looks for a supported authentication provider on your site and uses that to sign you in.
    continue reading...
    1 like 1 mention
    #indieauth #indieweb #pebble #authentication
    Mon, Jul 15, 2013 7:42pm -07:00
  • OAuth 2 Simplified

    This post describes OAuth 2 in a simplified format to help developers and service providers implement the protocol.
    continue reading...
    2 mentions
    #oauth #oauth2 #standards #web #authentication
    Sun, Jul 29, 2012 9:30am -07:00
  • Introducing IndieAuth

    IndieAuth is a service that implements RelMeAuth, originally proposed by Tantek Çelik in February 2010. The original algorithm was described in a short text update on Tantek's website. Later that evening, Jeff Lindsay and Paul Tarjan implemented RelMeAuth in an open source Python library at Hacker Dojo and discussed/tested it in IRC. Tantek later launched a RelMeAuth prototype on his domain, which you can try out at tantek.com/relmeauth.
    continue reading...
    #indieauth #web #standards #authentication
    Mon, Jun 18, 2012 11:46am -07:00
  • BrowserID Quick Setup (developer.mozilla.org)
    #authentication #browserid
    Fri, May 18, 2012 8:17pm -07:00
  • How BrowserID Works (lloyd.io)
    #authentication #browserid #mozilla
    Fri, May 18, 2012 8:17pm -07:00
  • What is BrowserID and how does it work? (support.mozilla.org)
    #authentication #browserid #mozilla
    Fri, May 18, 2012 8:16pm -07:00
  • Matasano Security LLC - Chargen - Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes (chargen.matasano.com)
    #algorithm #authentication #crypto #cryptography #database #encryption #hash #md5 #password #php #security #web
    Fri, Sep 10, 2010 8:57am -07:00
  • OAuth / OAuth 2 (wiki.oauth.net)
    #authentication #geoloqi #oauth #oauth2
    Tue, Jul 20, 2010 12:02pm -07:00
  • oauth2-php - Project Hosting on Google Code (code.google.com)
    #authentication #geoloqi #oauth #php
    Tue, Jul 20, 2010 12:02pm -07:00
next

Hi, I'm Aaron Parecki, Senior Security Architect at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming and dabble in product design.

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Security Architect at Okta
  • IndieWebCamp Founder
  • OAuth WG Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2023 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv