This entry was posted in Gluu and tagged AppAuth, authentication, Google, Mobile, mobile SSO, OAuth, oauth2, Okta, openid connect, Ping, PKCE, security, sso on .
In a WebView, any malicious code in the page has the same rights as the application. This means you need to make sure to only load trusted content. But there is another risk–a malicious app may also have access to browser content (like cookies) and may snoop passwords or intercept OAuth codes. So if you … Read more >>
This entry was posted in Gluu and tagged 2fa, authentication, IOT, oauth2, openid connect, uma on .
Today, consumers have no way to centrally manage access to all their Web stuff and IOT devices are threatening to create a whole new silo of security problems. This is one of the reasons I’ve been participating in the Open InterConnect Consortium Security Task Group. People can’t individually manage every IOT device in their house. … Read more >>
This entry was posted in Gluu and tagged 2fa, authentication, opeind connect, openid, SAML IdP, social login, two-factor on .
You’ve probably seen http://twofactorauth.org: This site totally misses the point. I think Walmart should be congratulated for not rolling out 2FA. A tightly bundled solution that just solves two factor authentication for their website (which I almost never visit) or in their stores (which I am almost never in), is fantastic. Nice work Walmart!!! The … Read more >>
This entry was posted in Gluu and tagged 2fa, authentication, Identity, openid, SAML OpenID SSO 2Factor Authentication Authorization IAM Identity, social, sxsw on .
SXSW 3/10/14 From our perspective, websites are in cyberspace. But from the website perspective, you and I… are in “meat-space.” In 1984, William Gibson coined the term “MeatSpace” in his book Neuromancer. “Meat Space” is the physical world where our bodies (“pieces of meat”) move around and do meat-like things, like go shopping, brush our … Read more >>
This entry was posted in Gluu and tagged authentication, oauth2, openid connect, Single Sign-On, sso, uma on .
10 Reasons Why OpenID Connect will be ubiquitous for domain authentication “The difficult… I’ll do right now. The impossible may take a little while…” Bob Russell lyrics for Jazz standard “Crazy She Calls Me” OpenID Connect has reached the quorum of votes needed for approval! Check out the launch press release. This under-appreciated event will … Read more >>
This entry was posted in CLOUD IDENTITY SECURITY and tagged 2fa, authentication, credential management, logout, Single Sign-On on .
While watching an InCommon mailing list discussion around Duo and other forms of strong authentication, it became apparent that we’ve completely failed at educating universities on what the Gluu Server is and how it works. Learn more about the Gluu Server. Implementations of Duo are providing the first real world experiences on large scale mobile … Read more >>