Latest posts

Discover our latest articles and stories

Industry

Ditch the Password, Secure Your Accounts with YubiKey: The Future of Authentication is Here

In today's digital world, our online identities are more important than ever. Protecting them with strong passwords feels like a constant, uphill battle. But what if there was a better way? Enter the YubiKey, a powerful hardware authentication device that offers unmatched security and convenience.

Industry

OIDC vs. SAML: Decoding the SSO Showdown (And Why It Matters for Your Business)

Choosing the right Single Sign-On (SSO) solution for your business can feel like traversing a labyrinth of acronyms. Enter the two reigning champions: OIDC and SAML. Fear not, weary traveler, for this blog post will be your Rosetta Stone, demystifying the OIDC vs. SAML duel and equipping you to choose the victor for your digital kingdom.

Industry

Securing Your Enterprise: Why SOC 2 Compliance is the Key (and How Authentication Holds the Lock)

In today's data-driven world, where information is the lifeblood of business, trust is paramount. Enterprises entrust service providers with sensitive data, from customer records to financial transactions. But how can companies ensure their data is handled with the utmost security and privacy? Enter SOC 2 compliance, a powerful framework that sets the gold standard for data security practices.

Industry

Securing the Perimeterless: Dive Deep into Zero Trust Architecture with Continuous Authentication

The cost of digital vulnerabilities is staggering. In 2023 alone, cybercrime is estimated to cause $6 trillion in global damages, a figure expected to balloon to $10.5 trillion by 2025. Every minute, 117 new records are exposed in data breaches, with the average cost of a breach topping $4 million. Closer to home, 46% of all cyberattacks target businesses with fewer than 1,000 employees, illustrating the widespread reach of the threat.

Industry

Taming the Workforce Wild West: WIAM for Extended Workforces and Access Management for Frontline & Contractors

The modern workplace is no longer a nine-to-five saloon. It's a bustling frontier of diverse talent, from frontline staff to seasoned contractors. But managing their access? That's where things get dusty. Traditional WIAM solutions are like rickety stagecoaches – slow, clunky, and full of security holes.

Engineering

Add Social Login to Your Laravel Project Using any Provider

Social login allows users to log in to your website using their existing account on social sites like Facebook, Twitter (X), and Google. In this post, we show how to implement social login in a Laravel project using any social login provider.

Industry

Build vs Buy in 2023: Top Considerations for Choosing Identity Management Solution

Choosing between building or buying an identity management solution is not a straightforward decision. In this article, we'll dive into the key considerations that can guide this decision.

Engineering

What is Broken Access Control Vulnerability And How to Prevent it

The article discusses the significance of the Broken Access Control vulnerability in software security, its types and examples, and offers prevention strategies. It emphasizes the importance of proper access control checks, input validation, and code defense to safeguard applications against unauthorized access and potential attacks.

Engineering

What is OAuth 2.0 and How it Works

The evolution, mechanics, real-life applications and advantages of the secure OAuth 2.0 framework.

Engineering

Authentication for ASP.NET apps with Authgear and OpenID Connect

This blog post demonstrates how to add authentication features to ASP.NET apps with Authgear by implementing an OpenID Connect flow.

Engineering

Get Notified in Slack for Every New User Sign Up With Authgear

This article will guide you through the process of integrating Authgear's Hooks and Events with Slack to send immediate notifications in Slack when a new user signs up.

Engineering

Add Authentication to Any Web Page in 10 Minutes

This post demonstrates how to easily add authentication to any Javascript Single Page Application (SPA) using Authgear.

Engineering

How Profile Enrichment can boost your product

Explore how enriching user profiles work, their benefits, and how you can enable it using Authgear to boost your product usage by understanding who your customers are.

Easy Passwordless Login Experience with Magic Links and Authgear

This post explores what magic links are and what you need to know to implement an email-powered login flow for your users with Authgear.

Engineering

Authentication for Spring Boot App with Authgear and OAuth2

Learn how to add authentication to your Java Spring Boot application using OAuth2 with Authgear as the Identity Provider.

Engineering

Simplifying Authentication Integration For Developers With Authgear SDKs

Authgear SDK libraries make it easy for developers to integrate and interact with Authgear.

Industry

What Is Identity as a Service (IdaaS) And Why Does Your Business Need It?

Learn more about identity as a service and how cloud-based IAM can provider better scalability, streamline access management, and deliver smoother user experience.

Ben Cheng
Industry

How to Elevate Digital Customer Experience with CIAM?

Discover how CIAM solutions serve as the essential foundation to elevate digital customer experience, unlock seamless interactions and build customer loyalty.

Ben Cheng
Industry

Frictionless Authentication: What Is It & How To Implement It?

Learn more about frictionless authentication and how to achieve it with passwordless innovations, practical strategies, and forward-thinking approaches to enhance user experience and security.

Ben Cheng
Industry

What is Customer SSO and Why Should You Implement it?

Learn more about the advantages of Single Sign-On for your customers and how your business can benefit from a unified login experience.

Fung
Industry

Social Login - Why You Should Implement It

Learn how to easily enable social login in your website or app to increase conversion rate and deliver smoother user experience.

Ben Cheng
Engineering

Password Spraying: What It Is and How to Prevent It?

Learn more about password spraying and the different methods to protect your users from it with Authgear.

Ben Cheng
Engineering

What Is Session Management: Threats and Best Practices

Session management involves managing requests between a user and web-based app or service. Learn about best practices of session management and the attacks associated with it.

Ben Cheng
Industry

Authentication vs. Authorization: The Differences in One Table

Learn more about the differences between authentication and authorization, two important security processes, with one simple table.

Ben Cheng
Industry

Insurance IAM: How It Helps Acquire More Clients and Facilitate Collaboration?

IAM does more than just enhancing data security for insurance companies. IAM also helps acquire and retain more users and facilitate collaboration with external team members for insurance. See how IAM achieves these with our guide.

Fung
Engineering

Credential Stuffing: What It Is and How to Prevent It?

Credential stuffing is a type of cyberattack involving use of stolen credentials and bots to gain access to user accounts. Learn more about it and how to prevent it with Authgear.

Fung
Highlight

Broken Authentication: What Is It and How to Prevent It

Broken authentication is one of the OWASP Top 10 vulnerabilities that involves hackers impersonating users to compromise data security. See what the causes are and how to avoid broken authentication.

Fung
Industry

Extended Enterprise and Identity & Access Management: The Challenges & Solutions

Extended enterprise, including customers, partners, contractors, etc., poses some new identity & access challenges for businesses. Learn more about the challenges and solutions.

Industry

Authentication-as-a-Service: What Is It and Why You Need It

By integrating their apps or software with authentication-as-a-service solution, businesses can provide frictinoless signup/login experiences and more

Fung
Engineering

4 Things We Learned Supporting Passkeys

Passkeys have the potential to completely replace passwords, but it isn't perfect yet. Learn more about what you might encounter when supporting them.

Fung
Highlight

Passkeys Compatibility: Which Platforms Support Passkeys?

Passkeys are now supported by iOS, macOS, Chrome and Android. Learn more about passkeys and their compatibility with major browsers and platforms.

Fung
Industry

Tech Giants Take One Step Closer to a Future without Passwords

Apple, Google, and Microsoft have committed to make passwords a thing of the past, taking another step towards a future without passwords.

Fung
Industry

What Is SMS Authentication and Should You Implement It?

SMS authentication is one of the most common methods of authentication that verifies user identity via text messages.

Industry

Is SMS OTP Reliable? Its Vulnerabilities and Alternatives

Learn more about what makes SMS OTP so popular, how SMS OTP works, its risks, and alternatives to better protect your users.

Engineering

Web Application Authentication: How It Works and How to Implement It

In this guide, you'll learn more about how authentication in web app works and how to implement it with Authgear.

Industry

How to Increase Marketing ROI with WhatsApp Marketing

Marketing on WhatsApp is a more cost-effective and efficient way to promote your brands, increase marketing ROI, and engage with your customers.

Industry

Why You Need Customer Identity and Access Management (CIAM)?

Customer Identity and Access Management (CIAM) does more than managing and verifying users’ identities. See why you need a CIAM solution.

Industry

Sign Up Form Best Practices: Skyrocket Your App Conversion Rate

Explore the top 5 sign up page optimization techniques to maximize the sign up rate for your apps and grow your user base.

Industry

The Right to Erasure and How You Can Follow It for Your Apps

Under GDPR, users of mobile apps or software are entitled to have their data removed. This is known as the right to erasure or right to be forgotten.

Engineering

Password Hashing and Salting Explained

Learn more about password hashing and salting to better protect your users' passwords from malicious attacks.

Fung
Highlight

Web Application Authentication Best Practices in 2022

Learn more about what to keep in mind to ensure data security for your web apps.

Industry

Passwordless Authentication: All You Need to Know For Better Security

Learn more about why passwordless authentication has been adopted by all industries and how you can implement it with ease.

Industry

Biometric Authentication: Why Do Your Applications Need It in 2023?

Biometric authentication provides better data security and user experience for users. Learn more about the different biometric authentication methods.

Fung
Industry

In-App Account Deletion Required by App Store Starting June 30, 2022

Apple will soon require apps to allow users to initiate account deletion. Learn more about the upcoming policy and how you can prepare for it.

Industry

How to protect your users from automated attacks

Let’s explore the best ways to protect your users from the rapidly evolving menace of automated attacks.

Highlight

Session vs Token Authentication

Sessions and Tokens, which of these authentication methods best suits your website or application? Let’s find out.

Engineering

Authentication Security: Password Reset Best Practices and More

We aggregated a series of notable ‘traps’ below. We’ll go through each of them, identify possible security breaches and issues, and fix them.

Industry

What Is Multi-Factor Authentication (MFA) And How Does It Work?

The fact is, if you aren’t using multi-factor authentication (MFA), then your accounts are not as secure as you think.

Integrations

Send OTP on WhatsApp 2022

OTPs are essential to verify transactions and logins. In Authgear, you can send OTPs with the messenger services they are familiar with.