The recently disclosed security flaws in some implementations of the widely used OAuth and OpenID website authentication mechanisms are serious. But they're not nearly as bad as the recently ...

A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...

What is SAML and what is it used for? The Security Assertion Markup Language (SAML) is an open standard that allows security credentials to be shared by multiple computers across a network. It ...

As you may already know, Single sign-on (SSO) is the facility by which a user can gain access to multiple sites using just a single log in. The simplest mechanism to enable SSO is through cookies but ...

With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...

If you’re a security and risk professional in charge of protecting consumer-facing applications, you may have heard that OpenID is a “toy,” or it’s an insecure protocol, or other critiques. And then ...

A thorny problem for many organisations running a website is the registration process for new users. The marketing department wants to capture as much information about each new user as possible, but ...