Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/alwayscurious/statuses/114094677415445822">Demi Marie Obenour (alwayscurious@infosec.exchange)'s status on Monday, 03-Mar-2025 05:22:11 JST</a><a href="https://infosec.exchange/@alwayscurious" title="alwayscurious@infosec.exchange"><img src="https://gnusocial.jp/theme/gnusocialjp/default-avatar-stream.png" width="48" height="48" alt="Demi Marie Obenour" style="position: absolute; left: 0; top: 0;">Demi Marie Obenour</a><div><a href="https://hachyderm.io/@dalias/114094660836501189" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/40873" title="dalias@hachyderm.io">Rich Felker</a></li><li><a href="https://gnusocial.jp/user/102210" title="swordgeek@mstdn.ca">Colin B.</a></li><li><a href="https://gnusocial.jp/user/315648" title="theearthisapringle@mastodon.social">theearthisapringle</a></li></ul></div></section><article><p><a href="https://hachyderm.io/@dalias" rel="nofollow">@dalias</a> <a href="https://queer.hacktivis.me/users/lanodan" rel="nofollow">@lanodan</a> <a href="https://mastodon.social/@theearthisapringle" rel="nofollow">@theearthisapringle</a> <a href="https://mstdn.ca/@swordgeek" rel="nofollow">@swordgeek</a> Hard disagree on SSO, which (combined with SCIM) really is the right way to authenticate to things in an enterprise or government environment.  For instance, many U.S. government websites use <a href="https://login.gov" rel="nofollow">https://login.gov</a> as the SSO provider, and that really is an improvement over them all managing authentication separately.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4661695#notice-9126320">In conversation</a><time datetime="2025-03-03T05:22:11+09:00" title="Monday, 03-Mar-2025 05:22:11 JST">about a month ago</time> <span>from <span><a href="https://infosec.exchange/@alwayscurious/114094677415445822" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@alwayscurious/114094677415445822">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: login.gov</div><h5><a href="https://login.gov/">The public’s one account for government. | Login.gov</a></h5><div></div></header><div>Use one account and password for secure, private access to participating government agencies.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Demi Marie Obenour (alwayscurious@infosec.exchange)'s status on Monday, 03-Mar-2025 05:22:11 JSTDemi Marie Obenour
in reply to
@dalias @lanodan @theearthisapringle @swordgeek Hard disagree on SSO, which (combined with SCIM) really is the right way to authenticate to things in an enterprise or government environment. For instance, many U.S. government websites use https://login.gov as the SSO provider, and that really is an improvement over them all managing authentication separately.
In conversationabout a month ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: login.gov
  The public’s one account for government. | Login.gov
  Use one account and password for secure, private access to participating government agencies.

Public

Embed Notice

HTML Code

Corresponding Notice