Original article: https://www.openidentityplatform.org/blog/adaptive-authentication


Your applications will be attacked sooner or later, especially if they have become popular and your users don’t particularly care about information security.

In my 10 years of developing authentication systems, I’ve seen a constant battle between security requirements and a positive user experience. The easier it is for a user to log into a service, the less annoyed they are. On the other hand, the more complex the authentication process, the easier it is for an attacker to break into the system. Is a compromise possible here?

In my opinion, yes. An adaptive authentication system…

Original article: https://www.openidentityplatform.org/blog/login-password-authentication


The following article is intended for newbies who want to develop authentication for their services. In this article, we will look at the most common authentication method — login and password authentication, its implementation, advantages, and disadvantages.

Authentication is an identity verification process. For software, authentication is used for verifying the identities of users or client applications. The most common way to authenticate users is login and password authentication.

User login could be public but the password should be only in the user’s memory (and not on a piece of paper under the keyboard or taped to…

Original article: https://www.openidentityplatform.org/blog/passwordless-authentication-methods


Nowadays, people use more and more different online services in everyday life, and each service requires authentication. So, for each service, you need to remember your username and password. And even if the login for each service can be the same (for example, the email), the password must be unique for each service. It is much better to have a complex password, i.e., one that has a length of 8 characters or more and contains uppercase and lowercase letters, numbers, and special characters.

Of course, it is impossible to remember a complex password for each service, so users either use…


This is an introductory article for those who are just diving into the problem of protecting enterprise applications and services. It explains the basic concepts related to access control: what access control is, why it is necessary, and how it works.

Basic Concepts

Authentication — a process designed to verify the authenticity of the user. The user enters his own credentials, which only he owns, such as login and password.

Authorization — a process designed to make sure that the user is able to perform a certain operation. For example, only the user with administrative rights has access to the system’s advanced…


Kerberos authentication allows users to authenticate seamlessly to trusted sites. If users are already authenticated in a corporate network, there is no need to authenticate to other applications; they just use their previously entered credentials. In this article, we will set up Kerberos authentication with your application in several minutes. As an authentication service, we will use the Gortas open source authentication service.

Windows Server Setup

On your Windows Server, create a Kerberos account, for example gortasKerberos, that will be used for Kerberos authentication. Enable the checkboxes User cannot change password and Password never expires.

Then create the keytab file gortasKerberos.keytab with the ktpass command:

ktpass -out gortasKerberos.keytab -princ HTTP/auth-service-domain@KERB.DOMAIN…

Original article: https://www.linkedin.com/pulse/how-implement-adaptive-authentication-using-machine-learning-thomas/


Machine learning is more and more widely used in our lives, and its applications are becoming wider — machine learning helps us to make decisions, detect hidden patterns and also identify various types of anomalies. Machine learning is used in various industries — in medicine for more precise diagnostics, in retail for personalized offers and sales predictions, in the banking sector for credit scoring. In this article, I propose to consider an approach for using machine learning to increase authentication security.

Authentication is a process used in almost every organization, starting from an employee whose identity needs to be…

Nowadays, Internet services are evolving rapidly, and the number of services we use every day is growing exponentially. Some services we start to use, some of them we abandon. Yesterday we used ICQ and Hotmail, nowadays we use Slack, Gmail and Snapchat, and tomorrow we will use next-generation services. Internet services help us to do different kinds of things: exchange text messages and media, maintain documentation, listen to music and watch videos, rent houses and cars. The one thing that almost all services have in common is the need to sign up and sign in to these services. …

Maxim Thomas

Open Identity Community member, OSS Enthusiast
