CodeB Authenticator: A New Era of Web Authentication

In the vast world of digital connectivity, the way users access online platforms has seen significant evolution. Social logon buttons, which allow users to sign in using their social media credentials, have been at the forefront of this change. However, while they offer convenience, they also come with a set of challenges. The CodeB Authenticator, … Read more

Never trust, always verify!

In an era where cyber threats constantly evolve and challenge our online sanctuaries, organizations find themselves navigating treacherous waters. The recent breach involving Microsoft and the Chinese threat actor, Storm-0558, serves as a stark reminder of the vulnerabilities hidden within even the most fortified digital fortresses. This incident underscores the undeniable importance of the Zero … Read more

Riding Out the Storm-0558: With Good Practices, It’s Not a Washout!

The blog post on Wiz.io (https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr) provides an in-depth analysis of a security violation involving Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA). This violation was linked to a Chinese threat actor, Storm-0558, who managed to secure a private encryption key (MSA key) and used it to generate fake access tokens for Outlook Web … Read more

Registering CodeB Authenticator as Identity Provider in Azure Active Directory B2C

To register CodeB Authenticator as Identity Provider (IdP) using the CodeB Identity Broker with Microsoft Azure Active Directory B2C (AD B2C), follow these steps: 1. Go to the Azure Portal and navigate to “Azure AD B2C” -> “Identity providers”. 2. Click on “New OpenID Connect provider”. 3. In the “Configure custom IDP” window that opens … Read more

Embracing a Passwordless Future at CodeB

For the past decade, we’ve observed World Password Day, an annual reminder for individuals to update their passwords. This tradition underscores a fundamental flaw of passwords: for them to remain effective, they must be changed frequently. However, people often struggle to remember these constantly changing passwords, leading to insecure practices such as pattern-based changes or … Read more

Integrate CodeB into Auth0 as Social Connection

In our article “Integrate CodeB into Auth0 as Enterprise Connection” we explained how to integrate the distributed identities of CodeB into Auth0. But not every Auth0 subscription allows to create enterprise connections. To integrate CodeB via plain OAuth2 (Social Connection) is very easy. Go to Authentication -> Social Press button “Create Connection” Use “https://portal.codeb.io/” as … Read more

CodeB OpenID Connect Client Sample

Most popular web based applications such as NextCloud, WordPress, etc. are supported by many OpenID Connect Clients available but it looks complete different for less popular or in-house applications. For demonstration purpose we have created a plain vanilla JavaScript Library so that OpenID Connect Connectivity can be implemented with just one include directive referencing our … Read more

Use CodeB SSI as OpenID Connect Identity Provider for WordPress

The Self-Sovereign Identity System of CodeB does not only support W3C DID’s but comes also with an inbuilt OpenID Connect (OIDC) Identity Provider. OpenID Connect meets distributed Self-Sovereign Identities. Integration of the Identity Provider into existing systems is extremely easy. In this article we use WordPress as an example. Now you can proceed and logon … Read more