#authentication — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #authentication, aggregated by home.social.
-
Defense in depth for autonomous AI agents | Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog/2026/05/14/defense-in-depth-autonomous-ai-agents/
Read on HackerWorkspace: https://hackerworkspace.com/article/defense-in-depth-for-autonomous-ai-agents-microsoft-security-blog
-
https://winbuzzer.com/2026/05/14/google-unveils-android-security-features-including-xcxwbn/
Google has added Android scam-call blocking, default theft protections, and Android 17 security checks aimed at stopping fraud and device abuse on phones.
#Android #Google #Android17 #PrivacyProtection #Authentication #DigitalPayments #Smartphones
-
OpenAI Unlocks Cybersecurity Model for Europe
German…
#Europe #EU #Anti-moneylaundering #authentication #bankinformationsecurity #bankinformationsecurityregulations #bankregulations #bankinginformationsecurity #fdic #fincen #gao #glba #identitytheft #informationsecurity #informationsecurityarticles #informationsecurityevents #informationsecuritynews #informationsecuritywebinars #informationsecuritywhitepapers #Phishing #riskmanagement #sarbanesoxley(sox)
https://www.europesays.com/europe/39869/ -
Alternative to GCPW for Ubuntu: How to link Google Workspace accounts to persistent local users? #gdm #authentication #google #pam
-
Alternative to GCPW for Ubuntu: How to link Google Workspace accounts to persistent local users? #gdm #authentication #google #pam
-
Alternative to GCPW for Ubuntu: How to link Google Workspace accounts to persistent local users? #gdm #authentication #google #pam
-
Alternative to GCPW for Ubuntu: How to link Google Workspace accounts to persistent local users? #gdm #authentication #google #pam
-
Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python
Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.
https://habr.com/ru/articles/1033632/
#telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication
-
Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python
Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.
https://habr.com/ru/articles/1033632/
#telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication
-
Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python
Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.
https://habr.com/ru/articles/1033632/
#telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication
-
Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python
Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.
https://habr.com/ru/articles/1033632/
#telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication
-
@jtb : an increasing number of people I know do no longer use desktops (that is, at home). An iPhone and an iPad, or an Android phone (and optionally a Chromebook), suffice for most people.
Commercial password managers will try to lock you in as a customer, while using open source (such as KeePass compatible) apps leads to other risks (such as stopped maintenance or malicious take over).
Most people I know even refuse to use password managers because of their complexity - while they enormously underestimate their risks by using one or a few weak passwords written on paper or stored in excel sheets.
Some of them feel betrayed after being advised to use TOTP 2FA - which is not phishing resistant, effectively *is* a password manager, too often without backups (of the shared secrets) being made, leading to account lockout after losing their phones (or app malfunction). And I'm not even considering privacy invasive and insecure TOTP apps such as Authy.
Nobody warned them of risks associated with TOTP, as nobody warns them for the risks that come with passkeys. People are, IMO, righfully not interested in the crap the industry is trying to enforce on them.
-
@jtb : an increasing number of people I know do no longer use desktops (that is, at home). An iPhone and an iPad, or an Android phone (and optionally a Chromebook), suffice for most people.
Commercial password managers will try to lock you in as a customer, while using open source (such as KeePass compatible) apps leads to other risks (such as stopped maintenance or malicious take over).
Most people I know even refuse to use password managers because of their complexity - while they enormously underestimate their risks by using one or a few weak passwords written on paper or stored in excel sheets.
Some of them feel betrayed after being advised to use TOTP 2FA - which is not phishing resistant, effectively *is* a password manager, too often without backups (of the shared secrets) being made, leading to account lockout after losing their phones (or app malfunction). And I'm not even considering privacy invasive and insecure TOTP apps such as Authy.
Nobody warned them of risks associated with TOTP, as nobody warns them for the risks that come with passkeys. People are, IMO, righfully not interested in the crap the industry is trying to enforce on them.
-
@jtb : an increasing number of people I know do no longer use desktops (that is, at home). An iPhone and an iPad, or an Android phone (and optionally a Chromebook), suffice for most people.
Commercial password managers will try to lock you in as a customer, while using open source (such as KeePass compatible) apps leads to other risks (such as stopped maintenance or malicious take over).
Most people I know even refuse to use password managers because of their complexity - while they enormously underestimate their risks by using one or a few weak passwords written on paper or stored in excel sheets.
Some of them feel betrayed after being advised to use TOTP 2FA - which is not phishing resistant, effectively *is* a password manager, too often without backups (of the shared secrets) being made, leading to account lockout after losing their phones (or app malfunction). And I'm not even considering privacy invasive and insecure TOTP apps such as Authy.
Nobody warned them of risks associated with TOTP, as nobody warns them for the risks that come with passkeys. People are, IMO, righfully not interested in the crap the industry is trying to enforce on them.
-
@jtb : an increasing number of people I know do no longer use desktops (that is, at home). An iPhone and an iPad, or an Android phone (and optionally a Chromebook), suffice for most people.
Commercial password managers will try to lock you in as a customer, while using open source (such as KeePass compatible) apps leads to other risks (such as stopped maintenance or malicious take over).
Most people I know even refuse to use password managers because of their complexity - while they enormously underestimate their risks by using one or a few weak passwords written on paper or stored in excel sheets.
Some of them feel betrayed after being advised to use TOTP 2FA - which is not phishing resistant, effectively *is* a password manager, too often without backups (of the shared secrets) being made, leading to account lockout after losing their phones (or app malfunction). And I'm not even considering privacy invasive and insecure TOTP apps such as Authy.
Nobody warned them of risks associated with TOTP, as nobody warns them for the risks that come with passkeys. People are, IMO, righfully not interested in the crap the industry is trying to enforce on them.
-
2fa 1337: A 2FA app that spots cool numbers like 80085 and tells you about them
https://blog.jacobstechtavern.com/p/building-a-2fa-app-that-detects-patterns
#authentication #via:george #numbers #random #rngdle #funny #2fa #+ -
2fa 1337: A 2FA app that spots cool numbers like 80085 and tells you about them
https://blog.jacobstechtavern.com/p/building-a-2fa-app-that-detects-patterns
#authentication #via:george #numbers #random #rngdle #funny #2fa #+ -
2fa 1337: A 2FA app that spots cool numbers like 80085 and tells you about them
https://blog.jacobstechtavern.com/p/building-a-2fa-app-that-detects-patterns
#authentication #via:george #numbers #random #rngdle #funny #2fa #+ -
2fa 1337: A 2FA app that spots cool numbers like 80085 and tells you about them
https://blog.jacobstechtavern.com/p/building-a-2fa-app-that-detects-patterns
#authentication #via:george #numbers #random #rngdle #funny #2fa #+ -
2fa 1337: A 2FA app that spots cool numbers like 80085 and tells you about them
https://blog.jacobstechtavern.com/p/building-a-2fa-app-that-detects-patterns
#authentication #via:george #numbers #random #rngdle #funny #2fa #+ -
#ITByte: Do you know what is full form of #Captcha?
Today is #WorldPasswordDay. Know more about some common #Terminologies related to #Password and user #Authentication.
https://knowledgezone.co.in/posts/World-Password-Day-627397e7688874a8f4d93c77
-
#ITByte: Do you know what is full form of #Captcha?
Today is #WorldPasswordDay. Know more about some common #Terminologies related to #Password and user #Authentication.
https://knowledgezone.co.in/posts/World-Password-Day-627397e7688874a8f4d93c77
-
#ITByte: Do you know what is full form of #Captcha?
Today is #WorldPasswordDay. Know more about some common #Terminologies related to #Password and user #Authentication.
https://knowledgezone.co.in/posts/World-Password-Day-627397e7688874a8f4d93c77
-
#ITByte: Do you know what is full form of #Captcha?
Today is #WorldPasswordDay. Know more about some common #Terminologies related to #Password and user #Authentication.
https://knowledgezone.co.in/posts/World-Password-Day-627397e7688874a8f4d93c77
-
#ITByte: Do you know what is full form of #Captcha?
Today is #WorldPasswordDay. Know more about some common #Terminologies related to #Password and user #Authentication.
https://knowledgezone.co.in/posts/World-Password-Day-627397e7688874a8f4d93c77
-
#Design #Guidelines
Session timeouts · The overlooked accessibility barrier in authentication design https://ilo.im/16cbg2_____
#Authentication #Sessions #Accessibility #WCAG #Security #Usability #ProductDesign #UxDesign #UiDesign #WebDesign -
OpenAI launches Advanced Account Security with YubiKey support to lock down ChatGPT accounts
https://fed.brid.gy/r/https://nerds.xyz/2026/05/openai-advanced-account-security-chatgpt/
-
Session Timeouts: The Overlooked Accessibility Barrier in Authentication Design, by @eleanorhecks.bsky.social (@smashingmag):
#accessibility #authentication #time #ux #designpatterns #wcag
-
https://winbuzzer.com/2026/05/01/openai-announces-new-advanced-security-for-chatgpt-xcxwbn/
OpenAI Launches Yubico-Backed ChatGPT Account Protection
#AI #ChatGPT #OpenAI #AISecurity #Authentication #Passwordless #Cybersecurity #DataSecurity #AIPartnerships
-
https://winbuzzer.com/2026/05/01/openai-announces-new-advanced-security-for-chatgpt-xcxwbn/
OpenAI Launches Yubico-Backed ChatGPT Account Protection
#AI #ChatGPT #OpenAI #AISecurity #Authentication #Passwordless #Cybersecurity #DataSecurity #AIPartnerships
-
https://winbuzzer.com/2026/05/01/openai-announces-new-advanced-security-for-chatgpt-xcxwbn/
OpenAI Launches Yubico-Backed ChatGPT Account Protection
#AI #ChatGPT #OpenAI #AISecurity #Authentication #Passwordless #Cybersecurity #DataSecurity #AIPartnerships
-
https://winbuzzer.com/2026/05/01/openai-announces-new-advanced-security-for-chatgpt-xcxwbn/
OpenAI Launches Yubico-Backed ChatGPT Account Protection
#AI #ChatGPT #OpenAI #AISecurity #Authentication #Passwordless #Cybersecurity #DataSecurity #AIPartnerships
-
https://winbuzzer.com/2026/05/01/openai-announces-new-advanced-security-for-chatgpt-xcxwbn/
OpenAI Launches Yubico-Backed ChatGPT Account Protection
#AI #ChatGPT #OpenAI #AISecurity #Authentication #Passwordless #Cybersecurity #DataSecurity #AIPartnerships
-
🚨 Oh no! The sky is falling, and it's bringing an #authentication #bypass with it! 🎉 Forget your passwords, folks; cPanel/WHM's got a new way to let anyone in—CVE-2026-41940. 🤡 But don't worry, the experts are on it... by writing cryptic jokes only they understand. 🙄🔒
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ #cPanel #WHM #CVE-2026-41940 #cybersecurity #humor #HackerNews #ngated -
🚨 Oh no! The sky is falling, and it's bringing an #authentication #bypass with it! 🎉 Forget your passwords, folks; cPanel/WHM's got a new way to let anyone in—CVE-2026-41940. 🤡 But don't worry, the experts are on it... by writing cryptic jokes only they understand. 🙄🔒
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ #cPanel #WHM #CVE-2026-41940 #cybersecurity #humor #HackerNews #ngated -
🚨 Oh no! The sky is falling, and it's bringing an #authentication #bypass with it! 🎉 Forget your passwords, folks; cPanel/WHM's got a new way to let anyone in—CVE-2026-41940. 🤡 But don't worry, the experts are on it... by writing cryptic jokes only they understand. 🙄🔒
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ #cPanel #WHM #CVE-2026-41940 #cybersecurity #humor #HackerNews #ngated -
🚨 Oh no! The sky is falling, and it's bringing an #authentication #bypass with it! 🎉 Forget your passwords, folks; cPanel/WHM's got a new way to let anyone in—CVE-2026-41940. 🤡 But don't worry, the experts are on it... by writing cryptic jokes only they understand. 🙄🔒
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ #cPanel #WHM #CVE-2026-41940 #cybersecurity #humor #HackerNews #ngated -
🚨 Oh no! The sky is falling, and it's bringing an #authentication #bypass with it! 🎉 Forget your passwords, folks; cPanel/WHM's got a new way to let anyone in—CVE-2026-41940. 🤡 But don't worry, the experts are on it... by writing cryptic jokes only they understand. 🙄🔒
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ #cPanel #WHM #CVE-2026-41940 #cybersecurity #humor #HackerNews #ngated -
The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
#HackerNews #CPanel #WHM #Security #Vulnerability #Authentication #Bypass #CVE2026-41940 #Cybersecurity
-
The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
#HackerNews #CPanel #WHM #Security #Vulnerability #Authentication #Bypass #CVE2026-41940 #Cybersecurity
-
The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
#HackerNews #CPanel #WHM #Security #Vulnerability #Authentication #Bypass #CVE2026-41940 #Cybersecurity
-
The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
#HackerNews #CPanel #WHM #Security #Vulnerability #Authentication #Bypass #CVE2026-41940 #Cybersecurity
-
The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
#HackerNews #CPanel #WHM #Security #Vulnerability #Authentication #Bypass #CVE2026-41940 #Cybersecurity
-
Given the amount of online scams, if you ever need to verify that a message truly came from me, feel free to ask for a signed response. My public keys are available here:
-
via #AIFoundry : Introducing Toolboxes in Foundry
https://ift.tt/vGLnOAa
#Foundry #Toolboxes #Toolbox #FoundryToolbox #AI #AIAgents #ToolDiscovery #Build #Consume #Governance #UnifiedEndpoint #MCP #OpenAPI #OAuth #MicrosoftEntra #Azure #AzureAI #Authentication #Observability … -
via #AIFoundry : Introducing Toolboxes in Foundry
https://ift.tt/vGLnOAa
#Foundry #Toolboxes #Toolbox #FoundryToolbox #AI #AIAgents #ToolDiscovery #Build #Consume #Governance #UnifiedEndpoint #MCP #OpenAPI #OAuth #MicrosoftEntra #Azure #AzureAI #Authentication #Observability … -
via #AIFoundry : Introducing Toolboxes in Foundry
https://ift.tt/vGLnOAa
#Foundry #Toolboxes #Toolbox #FoundryToolbox #AI #AIAgents #ToolDiscovery #Build #Consume #Governance #UnifiedEndpoint #MCP #OpenAPI #OAuth #MicrosoftEntra #Azure #AzureAI #Authentication #Observability … -
via #AIFoundry : Introducing Toolboxes in Foundry
https://ift.tt/vGLnOAa
#Foundry #Toolboxes #Toolbox #FoundryToolbox #AI #AIAgents #ToolDiscovery #Build #Consume #Governance #UnifiedEndpoint #MCP #OpenAPI #OAuth #MicrosoftEntra #Azure #AzureAI #Authentication #Observability … -
via #AIFoundry : Introducing Toolboxes in Foundry
https://ift.tt/vGLnOAa
#Foundry #Toolboxes #Toolbox #FoundryToolbox #AI #AIAgents #ToolDiscovery #Build #Consume #Governance #UnifiedEndpoint #MCP #OpenAPI #OAuth #MicrosoftEntra #Azure #AzureAI #Authentication #Observability …