
A lot of Authentication as a Service platforms do a good job right up until the moment a token lands in a browser cookie. After that, you're on your own. If a malicious user manages to steal that cookie and replay it in another browser, they may be able to take over the original user's session. That is session hijacking.

Typing usernames and passwords, waiting for SMS codes, digging through countless entries in your authenticator app. We feel your pain, truly.

Open almost any website today and the first thing you'll see isn't the content, it's a cookie banner. A pop-up asking you to accept, reject or configure tracking. It's just a routine part of browsing the web. Or is it?