Craig Locke
Reputation: 799
Open Authentication 2.0 - Inherent Security Risks
There are a few social networking sites which use Open Authentication 2.0. I am aware that Open Auth is vulnerable to phishing attacks, though SSL makes it unlikely. What are the security risks inherent in using Open Auth 2.0?
Upvotes: 7
Views: 222
Answers (1)
Ravi Vasamsetty
Reputation: 413
This document has some good pointers on how the attack can be and what are the counter measures
https://www.rfc-editor.org/rfc/rfc6819
Hope this helped
Upvotes: 1
Related Questions
- OAuth 2.0 public client impersonation
- OAuth clarification
- Is oauth2 insecure?
- How secure is OAuth2 for web applications
- OAuth and authentication
- OAuth2.0 Concept
- OAuth2 out of band user authorization
- OAuth 2.0 Authorization Server and Access Tokens
- OAuth - How is it secure?
- Weakness in oAuth 2.0 - what are the alternatives?