Appsec

OAuth, Tokens, Security

The diverse nature of brute-force attacks and their technical foundation make them difficult to stop completely. But with careful design and multiple, layered countermeasures, exposure to these attacks can be limited. The following text highlights common attack schemes and possible countermeasures…

JSON Web Tokens, or just JWTs (pron. [ˈdʒɒts]), are the fancy new kids on the block when it comes to transporting proof of identity through an untrusted environment like the web. In this article, I will describe the true purpose of JWTs. I will compare classical, stateful authentication with modern,...

Self-contained JWTs can be used as one-time tokens. I’ll show when this makes sense and how to implement it.
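As an added example for the two JWT teasers above (this is not code from either post and not the author's implementation), the following stdlib-only Python shows the two ideas in one place: a compact HS256 JWT that carries a proof of identity, and a verifier that turns such a token into a one-time token by remembering consumed `jti` values until the token would expire anyway. The shared secret, the `purpose` claim and the in-memory replay store are assumptions made for the demo; a real service would load a random key from secret storage and use a shared store (e.g. a cache with TTL) for consumed `jti` values.

```python
"""Added illustration: HS256 JWTs used as one-time tokens (stdlib only).

Not the blog post's own code. The secret, the 'purpose' claim and the
in-memory replay store are assumptions for the demo.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo key. Production: random >= 256-bit key from secret storage.
SECRET = b"demo-secret-key-for-illustration-only-not-for-production"


def b64url_encode(data: bytes) -> str:
    """Base64url without padding, as JWS requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(s: str) -> bytes:
    """Inverse of b64url_encode; re-adds the stripped padding."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_token(subject: str, purpose: str, ttl_seconds: int, jti: str,
               now: Optional[float] = None) -> str:
    """Create a compact HS256 JWT with a unique jti and a short expiry."""
    now_i = int(time.time() if now is None else now)
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": subject, "purpose": purpose, "jti": jti,
               "iat": now_i, "exp": now_i + ttl_seconds}
    signing_input = (b64url_encode(json.dumps(header, separators=(",", ":")).encode())
                     + "." +
                     b64url_encode(json.dumps(payload, separators=(",", ":")).encode()))
    sig = hmac.new(SECRET, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


class OneTimeTokenVerifier:
    """Verifies HS256 JWTs and rejects replays.

    Consumed jti values are kept only until their exp, after which the
    token is rejected as expired anyway, so the store stays bounded.
    """

    def __init__(self, expected_purpose: str):
        self.expected_purpose = expected_purpose
        self._consumed = {}  # jti -> exp (assumed in-memory store)

    def _prune(self, now_i: int) -> None:
        for jti in [j for j, exp in self._consumed.items() if exp <= now_i]:
            del self._consumed[jti]

    def consume(self, token: str, now: Optional[float] = None) -> dict:
        """Return the payload if the token is valid and unused; raise ValueError otherwise."""
        now_i = int(time.time() if now is None else now)
        self._prune(now_i)
        try:
            h_b64, p_b64, s_b64 = token.split(".")
        except ValueError:
            raise ValueError("malformed token")
        header = json.loads(b64url_decode(h_b64))
        # Pin the algorithm server-side; never let the token pick it (alg=none, key confusion).
        if header.get("alg") != "HS256":
            raise ValueError("unexpected alg")
        expected = hmac.new(SECRET, (h_b64 + "." + p_b64).encode("ascii"), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(s_b64)):
            raise ValueError("bad signature")
        # Only now is the payload trusted enough to read claims from it.
        payload = json.loads(b64url_decode(p_b64))
        if payload.get("purpose") != self.expected_purpose:
            raise ValueError("wrong purpose")
        exp = payload.get("exp")
        if not isinstance(exp, int) or exp <= now_i:
            raise ValueError("expired")
        jti = payload.get("jti")
        if not isinstance(jti, str) or not jti:
            raise ValueError("missing jti")
        if jti in self._consumed:
            raise ValueError("replayed")
        self._consumed[jti] = exp  # mark as used before acting on the token
        return payload


if __name__ == "__main__":
    verifier = OneTimeTokenVerifier("password-reset")
    tok = mint_token("alice", "password-reset", ttl_seconds=300, jti="jti-1")
    print("first use:", verifier.consume(tok)["sub"])
    try:
        verifier.consume(tok)
    except ValueError as err:
        print("second use rejected:", err)
```

The "self-contained" part (identity, purpose and expiry live inside the signed token) is what lets any instance verify it without a session lookup; the one-time property still needs a small amount of shared state, but only for the token's lifetime. Binding the token to a `purpose` stops a reset token from being replayed against an unrelated endpoint that also accepts JWTs.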