Naked Security

Beware rogue 2FA apps in App Store and Google Play – don’t get hacked!

Even in Apple's and Google's "walled gardens", there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.)

Naked Security

Serious Security: OAuth 2 and why Microsoft is finally forcing you into it

Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.