Security Boulevard

Single Sign-On with External Security Token Services

Learn how to implement Single Sign-On with External Security Token Services (STS). A deep dive into SAML, OIDC, and token exchange for CTOs and VP Engineering.
Security Boulevard

What Is a Security Token Service?

Learn how a Security Token Service (STS) brokers trust in Enterprise SSO and CIAM. Explore token issuance, validation, and federated identity for CTOs.
Dark Reading

'Log in with...' Feature Allows Full Online Account Takeover for Millions

Flaws in the implementation of the Open Authorization (OAuth) standard across three prominent online services could have allowed attackers to take over hundreds of millions of user accounts on dozens ...
Android Authority

Gmail login without a password? Google to offer NFC-enabled tokens next year

Let’s face it, using passwords to authenticate into a system is a broken mess. To be effective, passwords need to be unique, long, complex, and frequently changed, which may be acceptable in a tightly ...
Android Authority

How to get your Discord token

When you create a Discord account, you’re assigned a token. Your Discord token is separate from your username, tag, and password, and allows whoever has it to log ...
Threat Post

Convenient Google WebLogin Tokens Can Expose User Accounts, Data

A researcher demonstrated an exposure in the Google ecosystem that allows an attacker to steal a WebLogin single sign-on token to access all of the Google services a user has configured. An exposure ...
Finextra

Citi ditches physical tokens for app-based login to corporate platforms

Citi ditches physical tokens for app-based login to corporate platforms Citi is replacing physical tokens with an app-based mobile log-in for authentication of corporate treasury professionals logging ...