Authentication
Modern Authentication - Rob Moore suggested from https://www.andrew-best.com/posts/learn-auth-the-hard-way-part-one/.
Toggle
Why?
- Delegate Responsibility
- Easier SSO
- Distributed Apps
What?
- Identity vs authn vs authz
- Claims-based auth
- Acronym Soup
- Tokens vs Passwords
- Multi-factor authentication
How (Implementation)?
- OpenID connect
How (Standards)?
- Token format
- Auth protocols
https://news.ycombinator.com/item?id=36565405: https://sec.okta.com/articles/2020/04/webauthn-great-and-it-sucks
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
https://stackoverflow.com/questions/549/the-definitive-guide-to-form-based-website-authentication
https://github.com/cockpit-project/cockpit/issues/14730
https://www.nngroup.com/articles/password-creation/
https://www.nngroup.com/articles/stop-password-masking/
https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html
https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API
Backlinks