Collaborate Disseminate
A 3rd party company has requested that we implement single sign-on with them using the below approach. I’m familiar with OAuth grants and OIDC flows but this seems rather odd to me.
The user has already logged into my application when t… Continue reading Poor Man’s OAuth Grant – Review
I’m a student and it seems every school or university I have been to has one password that you set for your user account for logging in to university services, which is also then synced to external services the university use… Continue reading How do universities and schools securely sync passwords between multiple services?
Security researchers have found several vulnerabilities in the online game Fortnite that could have allowed hackers to break into player accounts, access their personal information, buy in-game currency with the linked credit cards and record their co… Continue reading Fortnite Attack Allowed Taking Over Player Accounts
Leaky Fortnite single sign-on mechanism could have allowed hackers to access game accounts. Continue reading Fortnite Hacked Via Insecure Single Sign-On
I want to scrape results from my company portal. It seems that my company intranet portal uses ping SSO to login.
So when I try to login, it is not asking for my username and password. When I go to the link https://portal.my… Continue reading SSLError: ("bad handshake: Error([(‘SSL routines’, ‘tls_process_server_certificate’, ‘certificate verify failed’)])")))
Simple Single Sign On (SSO) offers clear advantages for enterprises, however, along with wide SSO solution implementation has come the risk associated with simple SSO. Learn why Smart SSO can mitigate Facebook-type Breaches.
The post Facing the Faceboo… Continue reading Facing the Facebook Breach: Why Simple SSO is Not Enough
Experts say Friday’s breach remains a dangerous potential access point to even more third-party apps and websites. Continue reading Facebook Breach Sparks Concerns Around Third-Party Apps, Website Security
I have several web based applications that will redirect unauthenticated users to an ADFS sign-in page. ADFS will subsequently redirect users back to a web application once authenticated with a token.
Since the web applicati… Continue reading How to protect a login page redirect
Identity and access management (IAM) is a foundational and wide-reaching segment of any IT admin’s responsibilities. Like a Swiss army knife, IAM is not limited to a singular feature that it offers to an organization, the concept of IAM can span … Continue reading Definition of Single Sign-On
This week Gemalto was recognized at the 2018 Channelnomics Security Awards for Best Identity & Access Management offering for SafeNet Trusted Access. The Channelnomics Security Awards recognize the trailblazers in the security industry who are… Continue reading Recognizing the Best in Identity & Access Management: Gemalto Wins Best IAM Solution