Back to Blog

Tag Archives: otp


Is Google’s account recovery process broken?

Recently I’ve been evaluating and documenting how Google performs account security. With 1 billion user accounts, Google needs to strike the right balance between security...

William L. June 28, 2018

Gluu versus Keycloak

Keycloak is a very good open source SSO server, with lots of features, and a strong community. Red Hat is the corporate backer of the...

Mike S. May 4, 2018

How to *securely* use SMS two-factor authentication (2FA)

Any form of two-factor authentication (2FA) is better than just username/password. However, sending one-time passcodes (OTP) over text message (SMS) is a notoriously weak form...

William L. February 15, 2018

Be sure to subscibe to
our RSS Feed