5 Best Practices To Secure Single Sign-On Systems
CSO Online, July 14th, 2020
July 26, 2020,
Volume 268, Issue 4

Don't assume that SSO is inherently secure. Follow these recommendations to prevent unauthorized access due to authentication flaws.

Ax Sharma writes in CSO Online, "The recent 'Sign in with Apple' vulnerability earned a researcher $100,000 as a part of Apple's bug bounty program. The flaw itself arose from an OAuth-style implementation that did not properly validate JSON Web Token (JWT) authentication between requests. This would have allowed a malicious actor to 'Sign in with Apple' using anyone's Apple ID..."

Read More ...

Keywords:

 
Other articles in the IT News - Security section of Volume 268, Issue 4:

See all archived articles in the IT News - Security section.