The memo does not include any requirements for authenticators to be phishing-resistant, even though DoD is required to retire phishable authenticators by 2027.

Learn how SAML request signing and response encryption protect your SSO implementation. A comprehensive guide covering integrity, confidentiality, and best practices.

Compare the 15 best passwordless authentication solutions for 2026. Explore features, pricing, use cases, and how to choose ...

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...

What is two-factor authentication, and why do experts say it's the key to better online security? Two-factor authentication—often referred to as two-step authentication and 2FA—is a method for keeping ...

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML ...

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication ...

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...