A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...

With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...

A researcher's contention of security flaws in OAuth and OpenID has serious flaws of its own, according to those familiar with the specifications. News of the security issues hit hard Friday claiming ...

Another day, another major internet security flaw (step aside, Heartbleed). A bug has been found in OpenID and OAuth 2.0, two authentication programs that let you log into web sites using your Google, ...

Only a month after Heartbleed almost turned the Internet upside down, another major security flaw hits the limelight - one that could allow hackers to obtain a user's login information, exploiting ...

A vulnerability discovered in OAuth 2.0 and OpenID – dubbed “Covert Redirect,” a play on Open Redirect – could enable attackers to, at the very least, steal credentials from users of some of the most ...

Authentication systems employed by large websites such as Twitter and Digg could be at risk after researchers have discovered a basic flaw that could crack a large number of open-source software ...

Two fast growing standards in the world of identity management are paving the way for the open social web of the future. Earlier this week the final draft spec for OpenID 2.0 was released and, with ...

Today, Google and Plaxo released a hybrid protocol that combines OpenID, the open online identity standard, with OAuth, the secure data portability standard. Too often, when a Website wants to import ...

Signs continue to point in a positive direction for OpenID. Representatives from major web companies and innovative players are meeting at Yahoo today to discuss the user experience of OpenID and ...