ZDNet

Covert Redirect mostly hype and certainly no Heartbleed

A researcher's contention of security flaws in OAuth and OpenID has serious flaws of its own, according to those familiar with the specifications. News of the security issues hit hard Friday claiming ...
Threat Post

Critical Holes in OAuth, OpenID Could Leak Information, Redirect Users

A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...
ZDNet

How to eliminate passwords? It can't be done

Do you follow best practices for passwords on all your accounts? If you say yes, you're either lying, mistaken or using a password manager. It's impossible for human beings to follow best practices.
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
The Next Web

Facebook Connect, OAuth and OpenID: The differences and the future

With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...