Web authentication and access control

Get tips and tricks on web authentication and and web access control. Learn when restricting Web access is necessary and how web application IAM techniques like single sign-on can thwart hacker attacks and threats.

New & Notable

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Web authentication and access control News

April 24, 2018 24 Apr'18
Akamai touts network perimeter security shifts, zero-trust model

As network perimeter security grows less practical, Akamai talks at RSA Conference about moving beyond firewalls to improve authentication with a zero-trust model.
April 10, 2018 10 Apr'18
WebAuthn API gets standards nod from W3C, FIDO Alliance

W3C and the FIDO Alliance have given websites a new tool for doing FIDO-compliant authentication, as the WebAuthn authentication protocol is promoted to W3C Candidate Recommendation.
February 07, 2018 07 Feb'18
Grammarly vulnerability exposed user documents

A Grammarly vulnerability in its browser extension authentication could have exposed users' sensitive documents if the popular spelling and grammar checker were left unpatched.
July 12, 2017 12 Jul'17
Risk & Repeat: Should IAM systems be run by machine learning?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems.

View All News

Web authentication and access control Get Started

Bring yourself up to speed with our introductory content

FIDO (Fast Identity Online)

FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization that seeks to standardize authentication at the client and protocol layers. Continue Reading
identity management (ID management)

Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with ... Continue Reading
Learn how to identify and prevent access control attacks

Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening. Continue Reading

View All Get Started

Evaluate Web authentication and access control Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Will biometric authentication systems replace passwords?

Biometric authentication systems have gained traction on mobile devices, but when will they become dominant within the enterprise? Expert Bianca Lopes weighs in on the topic. Continue Reading
Use an authenticated vulnerability scan to find system flaws

If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
How machine learning-powered password guessing impacts security

A new password guessing technique takes advantage of machine learning technologies. Expert Michael Cobb discusses how much of a threat this is to enterprise security. Continue Reading

View All Evaluate

Manage Web authentication and access control

Learn to apply best practices and optimize your operations.

Confused deputy: How did the vulnerability affect Slack?

A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
Say hello to the future of authentication, bye to passwords

Passwords and tokens are a thing of the past. No way, you say? Our webcast on the likely ways authentication will work in the future may make a believer out of you. Continue Reading
Use caution with OAuth 2.0 protocol for enterprise logins

Many apps are using the OAuth 2.0 protocol for both authentication and authorization, but technically it's only a specification for delegated authorization, not for authentication. Continue Reading

View All Manage

Problem Solve Web authentication and access control Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How does credential stuffing enable account takeover attacks?

Credential stuffing activity is outpacing the growth of other cyberattacks and enabling account takeover attacks. Akamai Technologies' Patrick Sullivan explains the threat. Continue Reading
Canvas fingerprinting: How does it compromise security?

Mozilla recently decided to pull the HTML canvas element from the Firefox browser. Learn from expert Matt Pascucci what this means for the security and privacy of users. Continue Reading
LDAP injection: How can it be exploited in an attack?

After eight years, Joomla discovered an LDAP vulnerability that could be exploited by threat actors. Learn how the attack works from expert Matt Pascucci. Continue Reading

View All Problem Solve