Discover and read the best of Twitter Threads about #authentication

Most recents (14)

🔑 More passkeys for everyone!

Descope now helps you add passkey authentication to your app without changing your primary identity provider or user store.

Amazon Cognito and Auth0 customers can now add passkeys to existing logins by using our service as a federated IdP.

🧵👇 Drag and drop passkey authe...
🗣️@slavikm: “We are huge believers in the potential of passkeys. They are unphishable and make the process easier for end users. Our goal with these product enhancements is to reduce friction for any developers looking to add passkeys to their apps.”

🔗: descope.com/press-release/…
Amazon Cognito customer?

✅ Check out our dev blog on how to add #passkeys to your existing user pools: descope.com/blog/post/pass…

âś… If you're a visual learner, this video covers the basics:

#authentication #identity #security #developers #cognito #amazon
Read 4 tweets
I think at large people are missing the significance of a #web3 #wallet beyond just #hodling your favourite #Crypto #Cryptocurency token.

Maybe the same way they effortlessly think about using the #chrome browser.

They are both portals for the #WWW and #Web3 respectively
There are new functionalities being added to #web3 wallets to exist as wallets to hold your #credentials for zero knowledge #authentication.

This wallet market is going to be worth a whopper of a predicted $7 trillion market by 2027 alone.
One of the most significant comments on this movement is from the creation of the open source Open Wallet Foundation via Linux, which has been noted as potentially more significant than #Linux itself!!!!!

#owf

With members such as #ToIP and #Avast (#Gen)
Read 7 tweets
Do you know how authentication works in #AzureAD? The purpose of #authentication is to verify that we really are who we say we are. But how is it possible that our login remains active even if we close the browser? Let's take a look at how tokens work in Azure AD. [1/5]
After a successfully authentication, Azure AD issues a set of #tokens. An access token defaults to one hour and grants the user access to a single resource. If a user accesses multiple resources, they will have multiple access tokens. [2/5]
A refresh token, on the other hand, has essentially unlimited validity and its only purpose is to issue a new access token when the existing one expires, or to issue a new access token for a different resource, giving us a single sign-on (#SSO) experience. [3/5]
Read 5 tweets
Most engineers don’t understand how #authentication works. Here’s how it works in a few tweets, easy peasy! 👇
A user is authenticated if they carry with them a session token that is valid.

All of authenticating a user is boilerplate around this concept.
When a user registers, we save their username and password in a database.

We don’t store the password as-is because our database could get hacked. So we store a hash of it.
Read 11 tweets
OAuth2 - Implicit Flow

Implicit flow is used in old web applications and SPA but due to the expose of access token in URL, it has been deprecated, but let's try to understand it in this thread.

#dotnet #webdeveloper #authentication
Thread 👇
As a first step, the user visits the client app and chooses an OAuth provider(Google) to login. Image
An authorization request is made by the client app with the client id and token as the response type. Image
Read 8 tweets
We’ve brought you 8 #meetups from last month to freshen up your knowledge in React a little.
Bury yourself in these #tech talks and learn about the most recent updates and methods in #React from experts all over the world.

blog.meetupfeed.io/react-tech-tal…
The Worlds Most Expensive React Component via @chantastic
We need to stop building expensive #React #components — components that promise the world but are impossible to maintain. Watch this video for a more productive way of working in React.

meetupfeed.io/talk/the-world…
The Stack of the Future via @kentcdodds
In this talk, Kent shows you how #Remix can help you get started with a solid foundation so you can focus on building out your ideas.

meetupfeed.io/talk/kent-c-do…
Read 10 tweets
.@dschenkelman's chat with @juanrossi, a Senior Platform Security Manager at @Mercadolibre. Join us to know more about their Authorization challenges and how they tackled them.

Join here twitter.com/i/spaces/1yNGa…
#Authorization and #Authentication are too critical to have everyone learning and implementing them from scratch. With more tens of thousands of employees, @Mercadolibre needed to create a solution that is easy to use and can be implemented in any language and tech stack
They also needed to solve for an important problem that touches on #AuthN and #AuthN: how to handle delegation of permissions, where a user can act on behalf of another user.
Read 16 tweets
1. How the electi0n was st0len in '17' easy pages from #SidneyPowell filing in Michigan.
#Exhibit105 pages 1-4
Direct connection to #Serbia #Iran #BMACapitalManagement #DominionVotingSystems #EdisonResearch #DecisionHQ #Spiderfoot #Robtex @POTUS ImageImageImageImage
2. And now here comes #China
Records of #IPAddresses accessing server #ChinaUnicom even the Dominion domain was registered thru Godaddy to #Hunan China #BMACapitalManagement provides #Iran access to money averting US #sanctions and here is #Scorecard #ACORN #obama #Robtex @POTUS ImageImageImageImage
3. In pages 9-12 of #Exhibit105 enter #Canada with alternate domain #DVScorp redirected to #Beanfield
For those with fatfingers domains like #DVScopr were also used thru #China Dominion "loaned" their intellectual property patents to #HSBCbank in #China selling out USA. @POTUS ImageImageImageImage
Read 5 tweets
At least they're looking at the right things - albeit some of them the wrong way round; e.g. for #trust the key issue is #evidenced #revocation, not #informed #consent (which those who just want the data mostly ignore)...
...and it's a shame they went for the tired "#SmartData" trope, when their own analysis shows it's far more about #SmartRegulation (& #metadata).

Some #InformationalPrivity thinking might help:

infiniteideasmachine.com/2017/03/text-o…

Technical platforms & frameworks can deliver things like...
...#authentication, and the immutable, transparent #AuditTrails required for #revocation (i.e. the meaningful bit of "#ConsentManagement") and #redress - for in a regulator-dependent world, as we've discovered, it's the regulator itself that's the #liability.
Read 3 tweets
#TPRM #IAM #authentication #2FA 
Thoughts on a possible quick-win when it comes to reducing potential unauthorized access by third-party personnel that have approved access to your systems (be they on-prem or cloud)
Fact - Most organizations have a valid need to provide access for third-party personnel to their systems for one or the other reason
Unfortunate Reality - 3rd parties don't always let their customers (you) know when one of their people that has access to a customer system departs their employment. They may not even realize the user had access to your system(s)
Read 7 tweets
9 EASY STEPS đź“Ś

you should be taking right now to protect yourself, your accounts and your privacy against #phishing attacks.

#Thread 👇 (1/14)
We’re all living with extra precautions due to the reality of #COVID19 but, unfortunately, that’s not the only threat we’re dealing with.

Cybercrimes are occurring more frequently in the past few weeks, so we’re sharing a list of precautions you all should follow.

(2/14)
If these feel pretty obvious to you — AWESOME! 🤩 But it might be a good time to remind your family and friends to be careful.

(3/14)
Read 14 tweets
🤔 How do you currently solve #authentication?

Here’s a summary of #AuthN solutions from this #HackerNews thread:

news.ycombinator.com/item?id=221571…

👇👇👇
#Firebase Auth

- Free
- Scalable
- Easy to get up & running
- Good docs
- Social auth
- Integrate with any OAuth system via custom tokens
- Email verification
- SMS auth, passwordless login (“magic links”)
- SDK’s for different languages

@Firebase | firebase.google.com/docs/auth

đź”—
#KeyCloak by @RedHat

- Open source
- Social auth, SSO
- Good docs & support
- Easy deploys within a #Docker container
- OAuth2, OIDC, SAML, MFA, themes, & more

@keycloak | keycloak.org

đź”—
Read 9 tweets
🔴⏬ Here I start a thread about some Oracle Database concepts. We will see how far it goes - all questions/comments welcome.
🔴⏬ A database (or DBMS - database management system) stores (for short and long term) and manipulates (from many concurrent users/devices) your #data.
🔴⏬ #data is logically structured (tablespaces, schemas, tables, columns, datatypes, constraints,…). The structure is described by #metadata.
Read 73 tweets
1. Talking at #EmTechDigital today on 'Preparing for #Deepfakes: Trust and Truth' placing in broader framework of how we think about AI and social good. My cliffnotes here in this thread events.technologyreview.com/emtech/digital… (in great company with @red_abebe and @latonero)
2. Quick intro for those don't know @witnessorg; work on helping anyone, anywhere using video and tech for human rights. We're focused on making you more effective, ethical and safe if you do. And that means also keeping eye out for emerging tech threats witness.org
3. Big emerging tech threats we're concerned about now are: #AI at intersection with #disinformation, #media manipulation and rising #authoritarianism. We know this is where the rubber hits the road for activists and civic witnesses on the ground.
Read 25 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!