Dark Reading

OAuth, OpenID Flaw: 7 Facts

The recently disclosed security flaws in some implementations of the widely used OAuth and OpenID website authentication mechanisms are serious. But they're not nearly as bad as the recently ...
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
Threat Post

Critical Holes in OAuth, OpenID Could Leak Information, Redirect Users

A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...
Security Boulevard

Architecting Enterprise Readiness: Why SAML Still Wins the B2B Auth War

Deep dive into SAML architecture for CTOs and Engineering VPs. Learn why SAML 2.0 is the enterprise standard for SSO and how to handle complex XML assertions.
The Next Web

Facebook Connect, OAuth and OpenID: The differences and the future

With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...
Security Boulevard

SAML vs OIDC: Choosing the Right Protocol for Modern Single Sign-On

Comparing SAML and OIDC for enterprise SSO. Learn which protocol works best for web, mobile, and CIAM solutions in this deep dive for CTOs.
CSOonline

OpenID, Successful Failures And New Federated Identity Options

If you’re a security and risk professional in charge of protecting consumer-facing applications, you may have heard that OpenID is a “toy,” or it’s an insecure protocol, or other critiques. And then ...