#authentication

• Dima Postnikov https://twitter.com/dima_postnikov

  Great article by @aaronpk on why you should never roll your own authentication.
  https://aaronparecki.com/2020/05/31/30/the-real-cause-of-the-sign-in-with-apple-zero-day
  #cybersecurity #datasecurity #privacy #authentication #consumerdataright #openbanking

  Portland, Oregon • 50°F

  #cybersecurity #datasecurity #privacy #authentication #consumerdataright #openbanking

  Mon, Jun 1, 2020 8:18am +00:00 (liked on Mon, Jun 1, 2020 6:31am -07:00)
• Jeremy Keith https://adactio.com/

  samuelgoto/sms-receiver: phone number verification

  September 7th, 2019

  An interesting proposal to allow websites to detect certain SMS messages. The UX implications are fascinating.

  Portland, Oregon • 62°F

  #sms #mobile #phones #devices #api #proposal #browsers #standards #authentication #verification #ux #ui #interface #flow

  Sat, Sep 7, 2019 7:48am +00:00 (liked on Sat, Sep 7, 2019 7:20am -07:00)
• PodPass: Proposal for an Open Protocol to Enable Direct Listener Relationships – RadioPublic (about.radiopublic.com)

  #podcast #rss #authentication #spec

  Mon, Aug 12, 2019 1:32pm -05:00
• Using Hardware Token-based 2FA with the WebAuthn API – Mozilla Hacks – the Web developer blog (hacks.mozilla.org)

  "As a credential is cryptographically tied to the web site that requested it, this step would fail if the origins don’t match. This prevents reuse of credentials generated for other websites."

  #webauthn #authentication

  Wed, Apr 11, 2018 6:17pm -07:00
• Portier - An email-based, passwordless authentication service (portier.github.io)

  

  #portier #email #authentication #persona

  Tue, Nov 1, 2016 12:35pm -07:00
• Authentication Without Encryption for Ham Radio (rietta.com)

  

  #hamradio #radio #authentication

  Sun, Oct 30, 2016 6:16pm -07:00

• So you implemented an OAuth 2.0 API...

  While OAuth 2.0 is a good framework for building an API, the spec itself leaves many things un-specified, and it's up to the implementer to make a decision based on their own security requirements. As such, most OAuth 2.0 implementations are not interoperable, which is often cited as a failure of OAuth 2.0. On the other hand, the current state of OAuth 2.0 implementations is that they are often similar enough that developers don't need to learn too many new concepts when dealing with them.

  continue reading...

  19 likes 6 reposts 3 replies 5 mentions

  #oauth #oauth2 #standards #web #authentication #checklist

  Thu, Jan 15, 2015 12:15pm -08:00
• OAuth 2.0 and Sign-In (www.cloudidentity.com)

  OAuth 2.0 is not a sign-in protocol. Sign-in can be implemented by augmenting OAuth, and people routinely do so...

  #oauth #oauth2 #authentication #internet

  Sat, Jan 3, 2015 7:49pm -08:00

• Password-less Logins from Your Own Domain with a Pebble Watch

  IndieAuth is a way to use your own domain name to sign in to websites. To sign in, you enter your domain name, and IndieAuth looks for a supported authentication provider on your site and uses that to sign you in.

  continue reading...

  1 like 1 mention

  #indieauth #indieweb #pebble #authentication

  Mon, Jul 15, 2013 7:42pm -07:00

• OAuth 2 Simplified

  This post describes OAuth 2 in a simplified format to help developers and service providers implement the protocol.

  continue reading...

  2 mentions

  #oauth #oauth2 #standards #web #authentication

  Sun, Jul 29, 2012 9:30am -07:00

• Introducing IndieAuth

  IndieAuth is a service that implements RelMeAuth, originally proposed by Tantek Çelik in February 2010. The original algorithm was described in a short text update on Tantek's website. Later that evening, Jeff Lindsay and Paul Tarjan implemented RelMeAuth in an open source Python library at Hacker Dojo and discussed/tested it in IRC. Tantek later launched a RelMeAuth prototype on his domain, which you can try out at tantek.com/relmeauth.

  continue reading...

  #indieauth #web #standards #authentication

  Mon, Jun 18, 2012 11:46am -07:00
• BrowserID Quick Setup (developer.mozilla.org)

  #authentication #browserid

  Fri, May 18, 2012 8:17pm -07:00
• How BrowserID Works (lloyd.io)

  #authentication #browserid #mozilla

  Fri, May 18, 2012 8:17pm -07:00
• What is BrowserID and how does it work? (support.mozilla.org)

  #authentication #browserid #mozilla

  Fri, May 18, 2012 8:16pm -07:00
• Matasano Security LLC - Chargen - Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes (chargen.matasano.com)

  #algorithm #authentication #crypto #cryptography #database #encryption #hash #md5 #password #php #security #web

  Fri, Sep 10, 2010 8:57am -07:00
• OAuth / OAuth 2 (wiki.oauth.net)

  #authentication #geoloqi #oauth #oauth2

  Tue, Jul 20, 2010 12:02pm -07:00
• oauth2-php - Project Hosting on Google Code (code.google.com)

  #authentication #geoloqi #oauth #php

  Tue, Jul 20, 2010 12:02pm -07:00
• Writing an OAuth Provider Service - Rasmus' Toys Page (toys.lerdorf.com)

  #authentication #oauth #php #tutorial

  Sun, Jul 11, 2010 4:06pm -07:00
• Authentication Module for Apache (www.frogdot.org)

  #apache #authentication #ownyourdata

  Fri, Jun 4, 2010 1:46pm -07:00
• How to use Foursquare API with OAuth and PHP – Andrew Mager (andrewmager.com)

  #api #authentication #foursquare #location #oauth #ownyourdata #tutorial

  Sat, May 29, 2010 8:42pm -07:00