Authentication • didof.dev

Category

Authentication (Auth) is the process of verifying that an individual or system is who they claim to be. It is the first step in any security process and is distinct from authorization (what a user is allowed to do).

Common methods include:

Something you know: Passwords or PINs.
Something you have: Security tokens, mobile phones (for OTPs).
Something you are: Biometrics like fingerprints or facial recognition.
Multi-Factor Authentication (MFA), which combines two or more of these methods.

July 2025

July 18, 2025

The Evolution of Password Security: From Basic Storage to Argon2

A level-by-level journey into password security. Discover why a simple hash isn't enough and how to defend your users from hackers and data leaks, from salt and pepper to Argon2.

Read

July 11, 2025

SHA256 and the Length Extension Attack

SHA-256 is a cornerstone of security, but it's not invincible. Discover how its internal structure opens the door to the feared length extension attack and why HMAC is the fundamental solution.

Read

April 2022

April 28, 2022

GitHub App and OAuth ~ Disjointed flow

Discover how to integrate GitHub App functionality into an existing OAuth-based authentication system. This guide explains how to authenticate as a GitHub App using JWT, retrieve installation IDs, and access repositories associated with the app.

Read

April 27, 2022

OAuth popup ~ Practical Guide

Enhance your GitHub OAuth implementation by using a popup approach for authentication in single-page applications (SPAs). This guide walks you through the process of spawning a popup for user authentication and securely handling the access token.

Read

April 26, 2022

GitHub App and OAuth ~ Practical Kick-Starter

Learn how to build an interface that allows GitHub-authenticated users to view which repositories have a specific GitHub App installed. This guide covers creating a GitHub App, implementing OAuth authentication, and querying the GitHub REST API for installations and repositories.

Read