Auth0 Identity, (Cyber)Security, & Privacy Articles

JWT

Why You Should Always Use Access Tokens to Secure an API

We explain the difference between access token and ID token and why the latter should never be used to secure an API.

SSO

Add SSO for Disqus on your WordPress Site with Auth0

Learn how utilize SSO for your Disqus WordPress plugin for your blog comments using Auth0 for authentication on the blog.

Authentication

Is Passwordless Authentication More Secure Than Passwords?

When your users' behaviors determine the safety of your login, passwordless comes out on top.

Vulnerabilities

Brute Forcing HS256 is Possible: The Importance of Using Strong Keys in Signing JWTs

Cracking a JWT signed with weak keys is possible via brute force attacks. Learn how Auth0 protects against such attacks and alternative JWT signing methods provided.

Innovation Labs

Why Identity Matters for Innovation Labs

Learn about identity innovations, and why identity matters for innovation labs.

Predictions

Analyzing Identity in Movies

As technology becomes more advanced, movies are predictors of how our identity will be utilized.

IAM

5 Reasons Your Company Needs Identity and Access Management

From revenue to employee happiness, identity management has more to offer than you might think.

Vulnerabilities

Critical Vulnerability in JSON Web Encryption

JSON Web Encryption is vulnerable to a classic Invalid Curve Attack. Learn how this may affect you and what to do about it.

Breaches

Cloudpets Data Breach Affects Over 820,000 Customers

An unsecured database allowed hackers to steal personal information from over 820,000 Cloudpets customers. Learn how this may affect you and what to do next.

Vulnerabilities

What Cloudbleed Means for You and Your Customers

Tavis Ormandy, a vulnerability researcher at Google, discovered that Cloudflare was accidentally leaking sensitive data including passwords, private messages, and more. Learn how this may affect you and your customers and what to do next.

Algorithms

SHA-1 Has Been Compromised In Practice

The CWI Institute and Google have successfully demonstrated a practical SHA-1 collision attack by publishing two unique PDF files that produce the same hash value.

MFA

Is Multifactor Authentication The Best Way To Secure Your Accounts? Myths And Reality

Multifactor authentication is important, but the question of implementation is more complex than it seems.

Enterprise Federation

How Enterprise Federation Helps Shorten The Sales Cycle

Optimizing your login for enterprise customers can help you save time and close deals.

Search Results

Identity & Security

JWT

Why You Should Always Use Access Tokens to Secure an API

SSO

Add SSO for Disqus on your WordPress Site with Auth0

Authentication

Is Passwordless Authentication More Secure Than Passwords?

Vulnerabilities

Brute Forcing HS256 is Possible: The Importance of Using Strong Keys in Signing JWTs

Innovation Labs

Why Identity Matters for Innovation Labs

Predictions

Analyzing Identity in Movies

IAM

5 Reasons Your Company Needs Identity and Access Management

Vulnerabilities

Critical Vulnerability in JSON Web Encryption

Breaches

Cloudpets Data Breach Affects Over 820,000 Customers

Vulnerabilities

What Cloudbleed Means for You and Your Customers

Algorithms

SHA-1 Has Been Compromised In Practice

MFA

Is Multifactor Authentication The Best Way To Secure Your Accounts? Myths And Reality

Enterprise Federation

How Enterprise Federation Helps Shorten The Sales Cycle