Fung

Product Manager

Having an open relationship with code, design, and marketing

View LinkedIn

Having an open relationship with code, design, and marketing

Posts by 

Fung

Industry

Insecure Direct Object Reference (IDOR): Examples & API Prevention

What IDOR is, how it happens in web & APIs, real-world examples, and a practical checklist to prevent object-level authZ bugs (BOLA).

Fung
May 28, 2025
Industry

Comprehensive Guide to Cryptographic Failures (OWASP Top 10 A02)

Learn what cryptographic failures are, see real-world examples, and get OWASP best practices to secure data in transit & at rest.

Fung
May 28, 2025
Engineering

OTP Bypass: How OTP Bots Beat SMS 2FA (+ Fixes)

See how OTP bot apps bypass SMS 2FA and ship fixes fast: adaptive CAPTCHA, entity rate limits, risk scoring, and Authgear fraud protection.

Fung
May 28, 2025
Engineering

5 Common TOTP Mistakes Developers Make (and How to Fix them)

TOTP codes not working? See 5 common mistakes developers make — clock drift, Base32 secrets, RFC 6238 parameter mismatches — and how to fix them. Includes a free online TOTP Authenticator tool.

Fung
May 28, 2025

Get Started for free

Authgear.com is free for apps unlimited MAUs (Monthly Active Users) with Authgear branding. It is also open source and always free!

Get Started

Talk with our sales team

If you are looking for volume discounts, custom support plans, SLA, or have a different compliance requirements, feel free to contact us!

Contact Us
Preferences

Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.

Accept all cookies

These items are required to enable basic website functionality.

Always active

These items are used to deliver advertising that is more relevant to you and your interests.

These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features.

These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.