Topic: authentication

WSO2 updates Identity Server with a new API that allows for browser-less authentication

WSO2 is updating its open-source identity and access management (IAM) software, Identity Server. Key highlights of Identity Server 7.0 include a new authentication API, a new visual editor, and one-click access to application templates. The new authentication API allows developers to build authentication flows that happen directly in an application rather than redirecting to a … continue reading

FusionAuth’s latest update improves scalability of its authentication platform

FusionAuth has announced that it has improved the scalability and performance of its platform, which allows developers to incorporate authentication into their applications. According to the company, the complexity of modern authentication methods can be a challenge for developers to deal with, and while there are many identity tools that can provide them with basic … continue reading

Google enables passkeys as default authentication method in Google Accounts

Google is making passkeys more accessible by offering them as the default option for authentication across personal Google Accounts. In the future, when you log in to your account, users will be prompted to create and use passkeys for easier sign-ins. Additionally, the “Skip password when possible” option in Google Account settings will be enabled. … continue reading

Okta Launches Passkey Support to Help Enterprises Unlock a Passwordless Future

SAN FRANCISCO–(BUSINESS WIRE)–OKTANE 2023 — Okta, Inc. (NASDAQ: OKTA), the leading independent Identity partner, announced support for passkeys in early access as a passwordless authentication method for Okta Customer Identity Cloud, powered by Auth0. With the flip of a switch, developers and digital teams can quickly add sophisticated passkey support to their apps, and increase adoption of phishing-resistant, passwordless authentication. … continue reading

Amazon introduces new way to manage authentication in applications

Amazon Verified Permissions centralizes user permissions in a policy store, which developers can then use to authorize those users to perform certain actions in their applications.  According to Amazon, this felt like a necessary feature to create because of the significant effort required to implement authentication in an application. Typically, the logic for authorization happens … continue reading

Despite advancements in authentication technology, MFA adoption lags

In today’s digital age, ensuring secure authentication at your organization is more crucial than ever. With the increasing prevalence of cyber attacks, data breaches, and identity theft, it is imperative for businesses to implement robust security measures to protect their sensitive information and assets.  Passwords are still the leading cause of security breaches, and we’ll … continue reading

Google Identity Services update makes it easier to implement authentication

Last year, Google announced Google Identity Services (GIS), which is a set of APIs that consolidated several identity offerings from the company. Included in the GIS development kit are the Sign in with Google button and the authentication prompt One Tap.  Now, Google is adding an authorization feature to GIS to bolster the offerings of … continue reading

The password is … passwordless

Microsoft’s announcement last month that users of Office and other company software can now create passwordless login scenarios was welcome news. I think I speak for the entire computer-using world when I say this is just great. Passwords are the bane of our existence. They really give the worst user experience of all.  I’ve worked … continue reading

SD Times news digest: Gremlin’s Chaos Engineering Practitioner Certificate Program, FusionAuth Advanced MFA, and InstallAware X13 for Ethereum

Gremlin’s new Chaos Engineering Practitioner Certificate Program was designed to help software teams get started with chaos engineering.  “No matter your title and background, Gremlin makes it easy for anybody interested in reliability to become a Chaos Engineering expert,” Tammy Butow, a principal SRE at Gremlin, wrote in a blog post. “This Gremlin Certificate Program … continue reading

SD Times news digest: OctoML to accelerate ML deployment, Windows Community Toolkit 7.0, and SQLAlchemy 1.4 released

OctoML announced that it raised $28 million in a Series B funding round that it will use towards accelerating ML deployment.  OctoML said it will use the funding to double its team and launch Octomizer, its self-serve SaaS product. The company is also building a Machine Learning Acceleration Platform that automatically maximizes model performance while … continue reading

CWE: XSS and out-of-bounds write the most dangerous software weaknesses of 2020

The Common Weakness Enumeration (CWE) has released its 2020 “Top 25 Most Dangerous Software Weakness” report, which found improper neutralization of input during web page generation, also known as cross-site scripting (XSS), and out-of-bounds write, where the most dangerous weakness. With cross-site scripting, software does not neutralize or incorrectly neutralizes user-controllable input before it is … continue reading

SD Times news digest: Postman 7.1, Auth0 secures $103 million, and an update on the Stack Overflow breach

API development environment provider Postman has announced Postman 7.1, which enables developers to create APIs directly within the app. The release features new API, define, develop, test and observe tabs, API elements, extended schema support, and versioning and version tagging. The new versioning feature allows developers to maintain multiple versions of an API simultaneously, Postman … continue reading Protection Status