Using social identity providers to log into other websites, a first-person narrative
Matt Takemoto, our newest software engineer at WhoIAM describes how he revisited a Spotify account breach he experienced in the past after he started working at an identity/security company.
Continue Reading
Hashed Password Migration in Azure AD B2C
Migrating from an older identity and access management solution often requires some careful thought on how to port over hashed and salted passwords into your new IAM system. In this post, we will discuss how to deal with migrating hashed passwords from your current identity provider into Azure AD B2C
Continue Reading
How to Recognize and Prevent Credential Stuffing Attacks on Azure AD B2C
As a company implementing an IAM solution, it is essential to have a plan for mitigating hard-to-discover attacks like credential stuffing. Keep in mind that while you must enforce security measures, there’s careful consideration that needs to go into providing a highly secure authentication mechanism, while ensuring that the friction of logging into your app does not result in customers just dropping off and not completing a registration or sign-in.
Continue Reading