Haxogreen 2016 Wiki

Security and privacy of modern single sign-on in the web

We present attacks that have been discovered in the last years and the current state of security for the following web SSO sytems: - BrowserID a.k.a. Mozilla Persona - OAuth & OpenID Connect (Login with Facebook etc.) - SPRESSO (new SSO with privacy)

About us: We are both web security researchers at the University of Trier and members of the Maschinendeck hacker space.

Retrieved from "http://wiki.haxogreen.lu/2016/w/index.php?title=Security_and_privacy_of_modern_single_sign-on_in_the_web&oldid=148"