
#oauth


"With admin access to those accounts, you can get into many of the services they used Google's to log into, like Slack, ChatGPT, Zoom, & HR systems. Ayrey writes that he bought a defunct startup domain & got access to each of those through Google account sign-ins. He ended up with tax documents, job interview details, & direct messages, among other sensitive materials." arstechnica.com/security/2025/

Ars Technica · Startup necromancy: Dead Google Apps domains can be compromised by new owners · By Kevin Purdy

I'm presenting at the Wellington Python New Zealand meetup on Thursday evening, so if you're in town come along and cheer.

The subject is integrating #OAuth into a #Django project: what OAuth is and how it works; a good approach to integrating it into a Django project; and what benefits it brings.

Although the talk will be Django-centric I hope those attending will be able to contribute their experience of using OAuth in #Flask, #FastAPI etc.

Sign up is here: meetup.com/pythonnz-wellington

I am not entirely of the same opinion, but I don't know the ultimate solution either.

»API Keys vs OAuth - Discover Best Practices to Secure your APIs:
Securing your API may sound complicated, but there are some basic things you can consider when setting up your API in a more secure way than just exposing it wide open to the public. Authenticating a consumer is a first step towards…«

🔐 blog.axway.com/learning-center

Axway Blog · API Keys vs OAuth - Discover Best Practices to Secure your APIs · API keys and OAuth2 are two of the most popular mechanisms for securing APIs. This article defines them and covers differences and limitations.

🔒 How to Design a Secure Web API: Best Practices 💻

Designing a secure Web API is essential to protect sensitive data, prevent unauthorized access, and ensure safe interactions with your application. Whether you’re developing a RESTful API or GraphQL API, implementing security measures is key to maintaining the integrity and safety of your system.

#Fedi, looking for people with experience in #accessible software.

I have a friend with serious vision issues. Not blind, but can't easily read text that isn't 6+ inches high, and his vision is degrading. He is looking for a way to deal with email -- he's a writer -- because he says Gmail is now a nightmare to use even with a screen reader.

Preferred solution would be a mail program / #MUA that runs on Windows and supports #OAUTH authentication, so he can continue to use his Gmail address.

What's the MUA with the best #accessibility on Windows? Thunderbird brags about its support for screen readers and assistive technologies, so I had him try it, and he says it's almost as bad as Gmail - flashing colours, animating controls. I haven't personally touched Thunderbird in many years, so it was a surprise to me.

I use a text/console mail flow that relies on a local MTA, so nothing I use is of any use in this.

Thanks, appreciate any pointers.