62°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

#security

  • Passkeys for Normal People (www.troyhunt.com)
    Wed, May 7, 2025 7:15pm -07:00 #passkeys #security
  • Aaron Parecki
    Chase sends 8-digit 2fa SMS codes, which seems excessive compared to the 6 that most other places use, but even weirder is that the first digit of them has always been the same, effectively making it a 7 digit code. Anyone know what's up with that?
    Portland, Oregon, USA • 41°F
    4 likes 7 replies
    Sat, Feb 15, 2025 5:56pm -08:00 #security #sms #2fa
  • Aaron Parecki
    At long last, the OAuth working group has finished the Best Current Practice for OAuth 2.0 Security and it was just published as RFC9700! This has been a long time in the works, and I'm very thankful to everyone who has helped out with it over the years!

    https://www.rfc-editor.org/rfc/rfc9700.html

    This is one of the major inputs to OAuth 2.1, so I'm also very excited to be able to move that forward this year as well!
    Portland, Oregon • 37°F
    65 likes 36 reposts 3 replies
    Tue, Feb 4, 2025 11:15am -08:00 #ietf #oauth #rfc #security
  • Millions of Accounts Vulnerable due to Google’s OAuth Flaw ◆ Truffle Security Co. (trufflesecurity.com)
    Tue, Jan 14, 2025 1:08pm -08:00 #oauth #security
  • Aaron Parecki
    Someone broke through the chain link fence last week, in broad daylight, while I was home, and didn't notice at the time.

    I started thinking about what I could do about it, and it turns out the EA Unifi cameras have a new webhook feature. So now my cameras send a webhook to Home Assistant when someone crosses a virtual line, and it will trigger the siren. Since this is a line crossing event, not generic person detection, I can leave it armed 24/7, since nobody should be in that area at all.
    Portland, Oregon, USA • 91°F
    10 likes 2 replies
    Thu, Aug 8, 2024 7:03pm -07:00 #homeautomation #security #homeassistant #unifi
  • Google Online Security Blog: Improving the security of Chrome cookies on Windows (security.googleblog.com)
    Tue, Jul 30, 2024 2:08pm -07:00 #chrome #security #google
  • Calendar Meeting Links Used to Spread Mac Malware – Krebs on Security (krebsonsecurity.com)
    Wed, Feb 28, 2024 11:34am -08:00 #security #malware
  • How I Fell for an Amazon Scam Call and Handed Over $50,000 (www.thecut.com)
    Fri, Feb 16, 2024 3:51pm -08:00 #security #scam
  • Aaron Parecki
    Now that @1Password launched passkey support *and* it's integrated into iOS 17 with the 1Password app, I feel like I can finally actually take the plunge and set up passkeys everywhere!

    No more passwords! and the login UX is so much better too!
    Portland, Oregon, USA • 59°F
    32 likes 9 reposts 2 replies 1 mention
    Sat, Sep 23, 2023 6:48pm -07:00 #security #passkey #password
  • HPKE: Standardizing public-key encryption (finally!) (blog.cloudflare.com)
    Wed, Aug 30, 2023 6:05pm -07:00 #encryption #security
  • Device Bound Session Credentials explainer (github.com)
    Tue, Aug 29, 2023 3:50pm -07:00 #cookies #browsers #security #oauth
  • MSEdgeExplainers/BindingContext/explainer.md at main · MicrosoftEdge/MSEdgeExplainers (github.com)
    Tue, Aug 29, 2023 3:49pm -07:00 #dpop #bpop #oauth #security #cookies #browsers
  • London (LHR) to Portland (PDX)
    August 25, 2023 from 3:30pm (+0100) to 5:20pm (-0700)
    British Airways Flight 267
    Portland Intl in Portland
    permalink #oauth #security
  • OAuth Security Workshop
    Aug
    22
    Aug
    23
    Aug
    24
    August 22-24, 2023
    3 days
    Royal Holloway
    Runnymede, England, GBR
    permalink #oauth #security #osw
  • Portland (PDX) to London (LHR)
    August 18, 2023 at 7:10pm (-0700) until Aug 19 at 12:35pm (+0100)
    British Airways Flight 266
    Heathrow in London
    permalink #oauth #security
  • London
    Aug
    18
    Aug
    …
    Aug
    25
    August 18-25, 2023
    8 days
    London
    London, England, GB
    permalink #oauth #security
  • Aaron Parecki
    May the 4th be with you! Brand new OAuth shirts just launched: "I find your lack of security disturbing"

    Available in a variety of styles and also as a hacker hoodie!

    https://shop.oauth.net/listing/lack-of-security-disturbing?product=46
    Portland, Oregon, USA • 49°F
    12 likes 4 reposts 1 reply
    Thu, May 4, 2023 11:31am -07:00 #oauth #security
  • Chloé Messdaghi https://twitter.com/ChloeMessdaghi
    Excited to host the "Security Superstream: Application Security" event tomorrow with @OReillyMedia. Join experts in the field to learn about the latest techniques for securing your applications and data.

    Register now: https://www.oreilly.com/live-events/security-superstream-application-security/0636920083707/0636920083706/
    #security #appsec #cybersecurity
    Portland, Oregon • 50°F
    Wed, Apr 12, 2023 3:55pm +00:00 (liked on Wed, Apr 12, 2023 5:16pm -07:00) #security #appsec #cybersecurity
  • Xenomorph Android malware now steals data from 400 banks (www.bleepingcomputer.com)
    Wed, Apr 12, 2023 10:05am -07:00 #security #android
  • Aaron Parecki
    we all know the real reason you install iOS updates 👀

    p.s. go update your devices
    Portland, Oregon, USA • 48°F
    28 likes 11 reposts 6 replies
    Fri, Apr 7, 2023 8:26pm -07:00 #security #emoji #ios
older

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv