Dark Reading

Unprotected Session Tokens Can Undermine FIDO2 Security

Many organizations that have implemented passwordless authentication via the FIDO2 standard may be undermining some of the security benefits of the approach by not properly securing the sessions that ...
Dark Reading

When Good Tokens Go Bad

Tokens are an identity's crown jewel for digital authentication and authorization. Whether they are human or machine, and instantiated as API tokens, OAuth credentials, session tokens, or ephemeral ...