Threat Post

Critical Holes in OAuth, OpenID Could Leak Information, Redirect Users

A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...
CSOonline

How SAML works and enables single sign-on

What is SAML and what is it used for? The Security Assertion Markup Language (SAML) is an open standard that allows security credentials to be shared by multiple computers across a network. It ...
Lifehacker

Security Flaw Found in OAuth and OpenID, Here's What It Means for You

Another day, another major internet security flaw (step aside, Heartbleed). A bug has been found in OpenID and OAuth 2.0, two authentication programs that let you log into web sites using your Google, ...
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
The Next Web

OAuth and OpenID Authentication Vulnerable To “Timing Attack”

Authentication systems employed by large websites such as Twitter and Digg could be at risk after researchers have discovered a basic flaw that could crack a large number of open-source software ...
Engadget

Popular login services have a security hole, but Facebook and Microsoft can't fix it

The recent Heartbleed scare caused a huge stir, even though it was effectively fixed before it even happened. There are other sorts of security holes, however, which can't be plugged so readily, and ...
Computer Weekly

What is OpenID? How to use OpenID SSO in your organisation

A thorny problem for many organisations running a website is the registration process for new users. The marketing department wants to capture as much information about each new user as possible, but ...