Reed McGinley-Stempel

what is totp

What is TOTP and why does it matter?

Time-based one-time passcodes (TOTP) are a type of multi-factor authentication (MFA) that leverages software authenticator apps (e.g. Google Authenticator, Authy, Microsoft Authenticator) to verify your identity. These authenticator apps supply a randomly generated code that changes every 30 seconds.  Time-based One-time Passcodes are generated using a shared secret (a random string of characters) and the …

What is TOTP and why does it matter? Read More »

The definitive guide to choosing a Customer and Identity Access Management (CIAM) solution

When it comes to customer identity and access management (CIAM), there are a lot of decisions to make. What features do you need? How will you integrate the solution into your existing infrastructure? Do you want to build or buy a CIAM platform? These are all important questions, but they can be difficult to answer …

The definitive guide to choosing a Customer and Identity Access Management (CIAM) solution Read More »

Improve user authentication to prevent account takeover and fraud

Poor user experiences directly contribute to most online fraud each year. 82% of all successful data breaches can be traced back to the human element involved in online security — specifically, weak and inadequate passwords remain the largest source of account takeover risk. But users aren’t to blame for weak passwords — the user experience …

Improve user authentication to prevent account takeover and fraud Read More »

A founder’s guide to raising your seed round

I’m often asked by other founders about Stytch’s seed fundraising experience and what advice I’d give to other early-stage founders navigating the process today. While the overall fundraising environment has shifted in recent months, I think my advice for approaching a seed fundraise still fundamentally applies in the current market. I wanted to take a …

A founder’s guide to raising your seed round Read More »

How Apple’s passkeys just brought us one step closer to a passwordless internet

Stytch was founded with the mission of eliminating friction on the internet. The first major source of friction we’ve tackled? Password-based authentication. We’ve consistently highlighted the many ways passwords contribute to database hacks and account breaches — not to mention the friction and frustration they cause for users, who are forced to memorize dozens (if …

How Apple’s passkeys just brought us one step closer to a passwordless internet Read More »

Web3 and the future of data portability: rethinking user experiences and incentives on the internet

Web3’s fundamental improvements to data portability and user authentication enable new, exciting experiences, but solvable shortcomings remain. Tech conversations are now peppered with a new, contentious buzzword: Web3, and we’re all likely to hear a lot more of it in the coming years. It’s an umbrella term for disparate ideas all pointing in the direction of …

Web3 and the future of data portability: rethinking user experiences and incentives on the internet Read More »

Introducing Log in with Ethereum

Unlock Web3 via Stytch without having to touch a blockchain. Stytch is on a mission to eliminate friction from the internet and we’re thrilled to launch our first passwordless authentication solution for Web3—Log in with Ethereum. Log in with Ethereum makes crypto wallet authentication seamless, for both engineers and end users, and supports passwordless authentication …

Introducing Log in with Ethereum Read More »

Authenticator app time-based passcodes

Introducing TOTP Authentication for Next-Level Security

Today, we’re excited to introduce TOTP (time-based one-time passcodes), an important passwordless two-factor authentication option that can be used in situations where you need high security assurance. TOTP authentication solutions are ideal for particularly sensitive use cases that are also highly attractive to attackers in terms of the potential payoff they offer–think money movement in …

Introducing TOTP Authentication for Next-Level Security Read More »

An introduction to WebAuthn

An example of the WebAuthn user flow on mobile or desktop. WebAuthn makes it easy for users to authenticate with device biometrics (e.g. FaceID/TouchID) or a hardware key like a YubiKey. “WebAuthn” is one of the most exciting passwordless technologies available to developers and users. With WebAuthn, experiences like the below are now possible, allowing …

An introduction to WebAuthn Read More »