https:\/\/youtu.be\/slxiQQC1SpY<\/p>\n
Many websites allow users to log in with their Facebook or Google account. This web-based single sign-on (SSO), as it’s called, mostly uses the standard protocols such as OAuth and OpenID Connect, but how secure are these protocols? And what can go wrong?<\/p>\n
In this 64-minute presentation from the 33rd Chaos Communication Congress (33c3), \u00a0an annual conference organized by the Chaos Computer Club in Hamburg, DE, speaker Guido Schmitz breaks down the\u00a0disadvantages of OAuth and OpenID Connect\u00a0and demonstrates what can go wrong with them.<\/p>\n
Schmitz will also examine Mozilla’s proposed authentication protocol, BrowserID (a.k.a. Persona), and discuss whether their proposition really solved the privacy issue, the lessons learned and what we can do better.<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
https:\/\/youtu.be\/slxiQQC1SpY Many websites allow users to log in with their Facebook or Google account. This web-based single sign-on (SSO), as it’s called, mostly uses the standard protocols such as OAuth and OpenID Connect, but how secure are these protocols? And what can go wrong? In this 64-minute presentation from the 33rd Chaos Communication Congress (33c3), […]<\/p>\n","protected":false},"author":24,"featured_media":1533,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[7],"tags":[463,464,223,462,147,461,205],"acf":[],"yoast_head":"\n