Security Boulevard

What is a Passkey for Account Login?

Learn what passkeys are, how they use public key cryptography for account login, and why they are replacing legacy passwords in software development and ciam.
Security Boulevard

Understanding Implicit Identity Authentication Methods

A deep dive into implicit identity authentication methods for software development, covering oauth 2.0 flows, security risks, and modern alternatives for single-page applications.
heise online

Page 2: The Backend-for-Frontend Pattern: The Architectural Solution

Given the serious security issues with token storage in the browser, a fundamental question arises: Why even try to store access tokens securely in the frontend when you can instead leave them where ...
heise online

No Chance for Token Theft: The Backend-for-Frontend Pattern

The Backend-for-Frontend pattern addresses security issues in Single-Page Applications by moving token management back to the server. Martina Kraus has been involved in web development since her early ...
InfoWorld

Public package repos expose thousands of API security tokens—and they’re active

JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways. As part of the ...