Apr 26, 2020: Internet and Cyber Attacks - 2. This is the second blog of the series discussing the internet and cyber attacks. You can find the first blog here. Phishing Attacks: The purpose of phishing attacks is to obtain resources and information such as usernames, passwords, and credit card details by posing as a trustworthy entity. This is commonly done through… (Internet, 5 min read)
Apr 26, 2020: Internet and Cyber Attacks - 1. This is the first blog of the series discussing the internet and cyber attacks. According to Wikipedia, an attack is any attempt to expose, alter, disable, destroy, steal, or gain unauthorized access to or make unauthorized use of an asset. … (Security, 3 min read)
Oct 9, 2019: Is Email/SMS OTP a second factor? Internet Identity Workshop (IIW-29). This is the first time I participated in the Internet Identity Workshop, and it was an amazing workshop. The event was held in the Computer History Museum, Mountain View, California. … (Security, 6 min read)
Sep 25, 2019: WSO2 Identity Server High-level Architecture, Part 1. Introduction: The purpose of this blog is to explain the high-level architecture of the WSO2 Identity Server. WSO2 Identity Server supports almost all the standard authentication and provisioning protocols, such as OpenID Connect, SAML, and SCIM, by default. This blog post explains the component architecture and the flow/sequence of authentication and provisioning… (Wso 2, 5 min read)
May 16, 2019: Idle User Account Suspension in WSO2 Identity Server. The purpose of this blog is to explain what user account suspension is, the use cases of this feature, and how it is implemented in WSO2 Identity Server. Some organizations support self user registration capability for the end users. … (Wso 2, 3 min read)
May 16, 2019: Password expiration Feature in WSO2 Identity Server. In order to support better security, password policies are enforced by organizations. The following are policies of this kind: password patterns, password history validation, and password expiry validation. The purpose of this blog is to explain what password expiry validation is, its use cases, and the implementation. Use cases of Password Expiration: Due to human… (Wso 2, 2 min read)
May 16, 2019: Admin initiated Password reset feature in WSO2 Identity Server. The purpose of this blog is to explain what the admin initiated password reset feature is, the use cases of this feature, and how it is implemented in WSO2 Identity Server. What is the ‘Admin initiated Password reset’ feature? There are some cases where privileged users want to force end users to change their passwords. So, the ‘Admin… (Security, 4 min read)
May 14, 2019: Ask Password Feature in WSO2 Identity Server. The purpose of this blog post is to explain what the ask password feature is, when this feature should be used, its use cases, and its implementation. What is the Ask Password Feature? There are different ways of creating users in a system. Users can self-register to the system, or administrative users can create users in the system. … (Wso 2, 4 min read)
May 13, 2019: Self User Registration in WSO2 Identity Server. The purpose of this blog post is to explain the ways of self-registering users to the Identity Server, security aspects and how it is implemented. What is Self User Registration? Some applications allow users to register to the system by themselves. … (Wso 2, 3 min read)
May 12, 2019: Password Policy Management in WSO2 Identity Server. Most of the applications use a password to authenticate to the system. In order to prevent unauthorized logins and secure user accounts from attackers, it is required to have a proper password which is hard to guess or identify. … (Security, 4 min read)