Feb 19 · 5 min read · When teams adopt WebAuthn or FIDO2, the excitement is understandable: No passwords. No phishing. No credential stuffing. Biometric UX. Public-key cryptography. It feels like the final answer. But WebAuthn answers exactly one question: Can thi...
Join discussion
Feb 18 · 6 min read · WebAuthn gave us phishing-resistant, device-bound authentication.But devices get lost. Browsers reset. Users switch laptops. Institutions manage identities centrally. That’s where OIDC (Feide) enters — not as a competitor to passwordless, but as stru...
Join discussion
Feb 12 · 6 min read · If WebAuthn answers the question: “Can this device prove control of a credential right now?” OpenID Connect answers a different question entirely: “Who is this person across systems, time, and organizations?” Modern authentication systems fail wh...
Join discussion
Jan 5 · 5 min read · When working with Azure, one of the first (and most confusing) topics you’ll face is authentication. You’ll often see this priority order mentioned: PriorityMethodAzure stance 🟢 1Managed IdentityStrongly recommended 🟢 2Federated IdentityMod...
Join discussionOct 2, 2025 · 4 min read · Federated Identity Analytics: Detecting Anomalies Across Systems Envision a federated system encountering an unusual login pattern in the middle of a busy workday. One account appears to be accessing multiple applications from geographically distant...
Join discussion