Skip to content

Instantly share code, notes, and snippets.

@JessicaG

JessicaG/warmup.md

Last active August 29, 2015 14:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save JessicaG/77a44abaa7d029449bf0 to your computer and use it in GitHub Desktop.
Save JessicaG/77a44abaa7d029449bf0 to your computer and use it in GitHub Desktop.
Download ZIP
Oath Warmup
Raw
warmup.md

Warmup

Begin by answering the following questions:

Why do we use passwords?

To have security over personal information; you are who you say you are essentially. Cryptography: "The science of trust"

What does it mean to say we then trust the service provider?

That we are okay with the service provider having our data and using it if we give them permission

Why does having more and more systems with logins make the average person less secure?

because they'll likely use the same password

How does OAuth help?

becuase it's harder to hack and it's likely that the user will see a list of authorized applications and recognize which one is good and bad (ie posting on their page). Allows people to have less passwords

Why is OAuth advantageous for a startup business?

It allows for easier customer acquisition, less security risk for them as well as easier to maintain and looks trustworthy to the customer.

Key Terms & Concepts

OAuth Brokering trust User, Consumer, and Provider Token (Encryption) Key & Secret

Discussion Plan

Discuss OAuth at a high level including issues of trust, passwords, and users' security considerations

Discuss why/how OAuth came about and how to recognize it

Began in 2007, as a desire to mine data from other services and allowing customers to not have so many logins

Walk through the OAuth flow

See notes

Outline the necessary steps to be an OAuth consumer

Discuss what it'd look like to be an OAuth provider

Take a quick look at OmniAuth

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment