4ff2f1955778896cc06318b342dabf55?size=200 avatar

4ff2f1955778896cc06318b342dabf55?size=200

Former Auth0 Employee

Maria Paktiti

We explain the difference between access token and ID token and why the latter should never be used to secure an API.

Why You Should Always Use Access Tokens to Secure an API

8e5a8216a606127a787669d99de86ee2?s=200 avatar

8e5a8216a606127a787669d99de86ee2?s=200

Carlos works to enable Auth0 customers to integrate with Auth0 using industry best practices.  He works to maximize both security and user experience in Authentication.

Senior Solutions Architect

Carlos Mostek

Learn how utilize SSO for your Disqus WordPress plugin for your blog comments using Auth0 for authentication on the blog.

Add SSO for Disqus on your WordPress Site with Auth0

df6c864847fba9687d962cb80b482764?size=200 avatar

df6c864847fba9687d962cb80b482764?size=200

Martin Gontovnikas, a.k.a Gonto, is a software engineer at heart who moved to the ‘dark side’ and became VP of Marketing at Auth0. He considers himself lucky to have found a way to combine his two passions and apply his engineering thinking model to marketing.<br/><br/> Gonto’s analytical thinking is a huge driver of his data-driven approach to marketing strategy and experimental design. He is based in the Bay area, and in his spare time, can be found eating gourmet food at the best new restaurants, visiting every local brewery he can find, or traveling the globe in search of new experiences.

SVP of Marketing and Growth at Auth0

Martin Gontovnikas

When your users' behaviors determine the safety of your login, passwordless comes out on top.

Is Passwordless Authentication More Secure Than Passwords?

1097492785caf9ffeebffeb624202d8f?s=200 avatar

1097492785caf9ffeebffeb624202d8f?s=200

Prosper is a great speaker, community leader, open source hacker, technical consultant, and a fervent Developer Advocate. He is a full-stack software engineer who has worked on biometric, health and developer tools. Prosper recently co-founded a startup called Eden that’s focused on improving the quality of lives in Nigeria and currently leads the engineering team. He also co-founded forloop, the largest developer community in Africa.

Prosper Otemuyiwa

Cracking a JWT signed with weak keys is possible via brute force attacks. Learn how Auth0 protects against such attacks and alternative JWT signing methods provided.

Brute Forcing HS256 is Possible: The Importance of Using Strong Keys in Signing JWTs

eHk3ciM

I am the Head of Developer Relations at Auth0, and a Google Developer Expert in Web Technologies and Angular. I'm passionate about identity, authentication, constant learning, and developer communities. As a developer advocate, engineer, mentor, and international speaker, I love learning from and sharing with other inhabitants of the tech space.

Head of Developer Relations

Kim Maida

Learn about identity innovations, and why identity matters for innovation labs.

Why Identity Matters for Innovation Labs

As technology becomes more advanced, movies are predictors of how our identity will be utilized.

Analyzing Identity in Movies

From revenue to employee happiness, identity management has more to offer than you might think.

5 Reasons Your Company Needs Identity and Access Management

56227bdd539c480cc054eaa72eb1885d?s=200 avatar

56227bdd539c480cc054eaa72eb1885d?s=200

Guest Author

Antonio Sanso

JSON Web Encryption is vulnerable to a classic Invalid Curve Attack. Learn how this may affect you and what to do about it.

Critical Vulnerability in JSON Web Encryption

99c4080f412ccf46b9b564db7f482907?s=200 avatar

99c4080f412ccf46b9b564db7f482907?s=200

I'm currently a Senior Developer Advocate at MongoDB. I'm also a Google Developer Expert for Web Technologies and spend most my time giving talks at conferences and meetups, mentoring developers and running workshops, and creating online content to help technology professionals.

Ado Kukic

An unsecured database allowed hackers to steal personal information from over 820,000 Cloudpets customers. Learn how this may affect you and what to do next.

Cloudpets Data Breach Affects Over 820,000 Customers

604869?v=3&s=200

System Engineer, geek, foodie, technology lover, speaker.

Head of Content

Diego Poza

Tavis Ormandy, a vulnerability researcher at Google, discovered that Cloudflare was accidentally leaking sensitive data including passwords, private messages, and more. Learn how this may affect you and your customers and what to do next.

What Cloudbleed Means for You and Your Customers

The CWI Institute and Google have successfully demonstrated a practical SHA-1 collision attack by publishing two unique PDF files that produce the same hash value.

SHA-1 Has Been Compromised In Practice

Multifactor authentication is important, but the question of implementation is more complex than it seems.

Is Multifactor Authentication The Best Way To Secure Your Accounts? Myths And Reality

Optimizing your login for enterprise customers can help you save time and close deals.

Identity & Security