CSOonline

What is OAuth? How the open authorization framework works

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on (SSO) access experience among multiple ...
InfoWorld

OAuth 2.0: The protocol at the center of the universe

I am writing this article on the iPad Mini using the Editorial app. This app is connected to my Dropbox account and automatically synchronizes my work. When I come home I can continue editing on my ...
Wired

Developer Quits OAuth 2.0 Spec, Calls It 'a Bad Protocol'

After three years as lead author and editor of the OAuth 2.0 specification, Eran Hammer has stepped down from his role, withdrawn his name from the spec and even quit the OAuth working group ...
CNET

OAuth 2.0 leader resigns, says standard is 'bad'

The standard grew too far away from its roots as a simple Web authentication technology, author Eran Hammer-Lahav says, and now is insecure and overly broad. Stephen Shankland worked at CNET from 1998 ...
Threat Post

OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking

Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover. Third-party applications that allow single sign-on via Facebook ...
TechCrunch

OpenID + OAuth: Two Great Tastes That Taste Great Together

Today, Google and Plaxo released a hybrid protocol that combines OpenID, the open online identity standard, with OAuth, the secure data portability standard. Too often, when a Website wants to import ...