Authentication

Login and authentication in 2023 explained - Passkeys, Google Authenticator, TouchID

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Explore the latest authentication methods and their benefits and drawbacks in this in-depth article. This article provides valuable insights into how to secure your online services with strong authentication mechanisms.

Read



Authentication

Understanding auth and its usage in modern software

Photo of Alano Terblanche
Alano TerblancheSoftware Developer

Do I need authentication or authorization? Do I require a session? Is a session a cookie or a token? Do I require JWTs or Cookies?

Read

Authentication

Impersonating users by abusing broken “Sign in with” implementations

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Applications that implement a "Sign in with ..." flow must not use a mutable identifier to match external users to the internal user management system. Several web applications implementing "Sign in with GitHub" have been found to be vulnerable to this.

Read