Techopedia Explains OAuth 2.0
OAuth works by using authentication tokens, which act as pointers to a resource and provide parameters for sharing, such as a limited time window. This way, the user can give third parties access to certain features and functions in a program without giving access to everything stored therein, including personal data. This is similar to an authenticator called OpenID, but the two protocols are somewhat different. Whereas OAuth authorizes third parties to use some of a user's protected resources, OpenID is more focused on authorizing access to their identity.
One example that is often used to explain OAuth 2.0 and related versions is that the authenticator uses a string as a valet key for access to a particular item. The criticism here is that just like a key, a hacker could obtain the token and gain unauthorized access. Although current development of OAuth 2.0 promote widespread use through compatibility with Facebook and other platforms, some critics are concerned that this protocol could be a liability for overall network security depending on implementation.
- OAuth 2.0 101
- INFOGRAPHIC: 9 Tips for Keeping Your Internet Use Private
- 5 Ways to Protect Online Privacy
- Do Millennials Understand Online Privacy?
- Biometrics: New Advances Worth Paying Attention To
- 7 Sneaky Ways Hackers Can Get Your Facebook Password