Associate
Hello everyone!
It's been a while since I've posted in HG&P, I hope you're all well.
I'm just starting out on a new project and as always, security is the first thing on my mind. I've got the standard user registration / login sorted out and I was also considering adding in Social Authentication via HybridAuth to let users sign in with their Facebook / Twitter / Google / etc account.
I then stumbled across web articles like http://www.breaksec.com/?page_id=6002 and others claiming that there are massive security holes in OAuth2.
My key question is, are there any security issues for me as a consumer of OAuth2?
Thanks in advance
It's been a while since I've posted in HG&P, I hope you're all well.
I'm just starting out on a new project and as always, security is the first thing on my mind. I've got the standard user registration / login sorted out and I was also considering adding in Social Authentication via HybridAuth to let users sign in with their Facebook / Twitter / Google / etc account.
I then stumbled across web articles like http://www.breaksec.com/?page_id=6002 and others claiming that there are massive security holes in OAuth2.
My key question is, are there any security issues for me as a consumer of OAuth2?
Thanks in advance