New self-serve pricing
Learn more
Product
Solutions
Developers
Resources
Docs
Pricing
Log in
Contact us
Get started
Back to blog
Auth & identity
Auth & identity
December 3, 2024
What Is Anonymous Visitor Identification? How to Identify Visitors to your Website or App
Auth & identity
November 15, 2024
Canvas fingerprinting: Explained and illustrated
Auth & identity
November 1, 2024
Stytch Embedded Auth vs. Auth0 Universal Login
Auth & identity
October 31, 2024
Auth0's Security Incidents: How JWT Vulnerabilities Have Repeatedly Impacted the Platform
Auth & identity
October 24, 2024
Top techniques for effective API rate limiting
Auth & identity
October 17, 2024
Anti-spoofing tools and techniques
Auth & identity
October 2, 2024
Top strategies to prevent web scraping and protect your data
Auth & identity
September 25, 2024
Auth0 2024 Pricing Update: What They’re Hiding About the Real Cost
Auth & identity
September 25, 2024
Adaptive MFA: A smarter approach to authentication security
Auth & identity
September 4, 2024
SAML certificates explained
Auth & identity
August 28, 2024
Spotting the spoof: User agent spoofing unmasked
Auth & identity
August 22, 2024
What are SAML assertions?
Auth & identity
August 8, 2024
SAML vs LDAP: What's the difference?
Auth & identity
August 1, 2024
SAML vs OAuth: Key Differences Explained
Auth & identity
July 25, 2024
Integrating SAML Single Sign-On with Python, Okta, and Stytch
Auth & identity
July 23, 2024
Stopping an account takeover before it takes a toll
Auth & identity
July 9, 2024
SCIM API: Your comprehensive guide and introduction
Auth & identity
Engineering
June 28, 2024
Webhooks security best practices
Auth & identity
June 12, 2024
What is SCIM and how does it work?
Auth & identity
June 11, 2024
CAPTCHA vs. reCAPTCHA: What’s the difference?
Auth & identity
May 30, 2024
How to Enforce Multi-Factor Authentication with Node.js and Stytch
Auth & identity
May 24, 2024
Webhooks vs APIs
Auth & identity
May 22, 2024
What are webhooks?
Auth & identity
April 9, 2024
Account Abuse Prevention in 2024
Auth & identity
March 14, 2024
Session management best practices
Auth & identity
March 5, 2024
Managing user sessions: localStorage vs sessionStorage vs cookies
Auth & identity
March 5, 2024
Unpacking MACH architecture: The future of SaaS development
Auth & identity
February 29, 2024
Understanding JWKS: JSON Web Key Set Explained
Auth & identity
February 23, 2024
B2B SaaS applications: A comprehensive overview
Auth & identity
February 13, 2024
What is SaaS integration and why should developers consider it?
Auth & identity
February 9, 2024
RBAC vs PBAC vs ABAC
Auth & identity
February 6, 2024
What is attribute-based access control (ABAC)
Auth & identity
January 29, 2024
What is role-based access control (RBAC)?
Auth & identity
January 26, 2024
Keycloak alternatives for enterprise authentication and identity management
Auth & identity
Engineering
January 12, 2024
How to securely implement M2M authentication and authorization in Node.js using Stytch
Auth & identity
January 11, 2024
What is a reverse proxy?
Auth & identity
December 29, 2023
Scalper bots: The box office boom no one wants
Auth & identity
Engineering
December 26, 2023
The complete guide to machine-to-machine (M2M) authentication and authorization
Auth & identity
December 22, 2023
Bot mitigation software: A fraudster's foil in an automated world
Auth & identity
December 14, 2023
Beating back bot fraud in 2024
Auth & identity
Product
December 5, 2023
Introducing Passkeys authentication
Auth & identity
December 5, 2023
Passkey authentication: The cure for password dependency?
Auth & identity
December 1, 2023
Passkey vs. password: a new era of secure authentication
Auth & identity
November 27, 2023
What is a common indicator of a phishing attempt?
Auth & identity
November 21, 2023
What is a bot and how do they work
Auth & identity
November 10, 2023
Preventing contact spam form submissions
Auth & identity
November 8, 2023
One-Time Password (OTP) bots: what they are and how to stop them
Auth & identity
November 3, 2023
What is fraud prevention?
Auth & identity
November 1, 2023
What is browser fingerprinting?
Auth & identity
October 23, 2023
What is SIM-swap scam, and how can you protect your users against one?
Auth & identity
October 4, 2023
JWT claims
Auth & identity
October 3, 2023
Evaluating Auth0 alternatives for authentication and authorization
Auth & identity
October 3, 2023
What is a JSON web token?
Auth & identity
September 1, 2023
How to manage Auth0’s rules and hooks deprecation: a shift towards actions
Auth & identity
August 30, 2023
Extending authorization code flows with PKCE
Auth & identity
August 30, 2023
What is an enumeration attack?
Auth & identity
August 30, 2023
How to prevent enumeration attacks
Auth & identity
July 11, 2023
The journey to ISO 27001 certification
Auth & identity
July 10, 2023
The top 10 password cracking techniques – and how to outmaneuver them
Auth & identity
April 12, 2023
IdP- vs SP-initiated SSO
Auth & identity
April 1, 2023
Authentication vs. authorization: what you need to know
Auth & identity
March 23, 2023
What is OAuth 2.0?
Auth & identity
March 21, 2023
How do voice recognition biometrics work?
Auth & identity
March 16, 2023
Foundations of scalable B2B auth
Auth & identity
Company
March 15, 2023
Stytch Talks With Jordan Burris: “The Future of Multi-Factor Authentication (MFA)”
Auth & identity
March 1, 2023
Argon2 vs bcrypt vs. scrypt: which hashing algorithm is right for you?
Auth & identity
February 23, 2023
What is a passkey?
Auth & identity
February 15, 2023
All about biometric authentication
Auth & identity
February 13, 2023
What is passwordless authentication?
Auth & identity
February 10, 2023
What are one-time passcodes (OTPs)?
Auth & identity
February 6, 2023
Bot mitigation for identity and access management
Auth & identity
February 2, 2023
The FIDO alliance and a passwordless future
Auth & identity
February 1, 2023
Balancing security and adoption: preventing account takeover fraud with multi-factor authentication
Auth & identity
February 1, 2023
TOTP vs SMS: Which one is better for two-factor authentication (2FA)?
Auth & identity
January 23, 2023
JWTs vs. sessions: which authentication approach is right for you?
Auth & identity
Engineering
January 20, 2023
Choosing a B2B auth provider
Auth & identity
Engineering
January 10, 2023
What is Security Assertion Markup Language (SAML) and how does it work?
Auth & identity
December 16, 2022
What is device fingerprinting, and how does it work?
Auth & identity
Engineering
December 16, 2022
What is OpenID Connect (OIDC)?
Auth & identity
December 16, 2022
Securing AI against bot attacks
Auth & identity
Engineering
December 9, 2022
SSO protocols: SAML vs. OIDC
Auth & identity
Engineering
November 22, 2022
What is single sign on (SSO) and how does it work?
Auth & identity
November 17, 2022
What is CAPTCHA, and how does it work?
Auth & identity
Engineering
November 17, 2022
Organization tenancy: the foundation of SSO and B2B data models
Auth & identity
Engineering
November 4, 2022
Introducing B2B Auth School
Auth & identity
November 4, 2022
Anatomy of a strong password
Auth & identity
October 27, 2022
Do passkeys live up to the hype?
Auth & identity
October 24, 2022
What is unphishable MFA?
Auth & identity
October 13, 2022
The importance of investing in unphishable authentication
Auth & identity
Company
September 29, 2022
Stytch Talks with Brian Hale: rethinking user sign-up and login to unlock growth
Auth & identity
September 16, 2022
What is identity and access management (IAM)?
Auth & identity
September 8, 2022
How compromised passwords lead to data breaches
Auth & identity
September 1, 2022
What is TOTP and why does it matter?
Auth & identity
August 31, 2022
Making auth your growth lever
Auth & identity
August 30, 2022
The definitive guide to choosing a Customer and Identity Access Management (CIAM) solution
Auth & identity
August 25, 2022
Eliminate bot attacks from the CAPTCHA equation
Auth & identity
August 24, 2022
Multi-factor authentication: how to choose the right approach for your business
Auth & identity
August 23, 2022
Step-up versus multi-factor authentication (MFA)
Auth & identity
August 17, 2022
Stytch’s guide to adding passwordless options for password-based auth flows
Auth & identity
August 15, 2022
How to prevent account takeover (ATO) and improve user authentication
Auth & identity
August 11, 2022
What is password salting?
Auth & identity
Company
July 28, 2022
Stytch vs. Amazon Cognito
Auth & identity
July 27, 2022
What is password hashing?
Auth & identity
July 18, 2022
Protect against password spraying
Auth & identity
July 13, 2022
How Apple’s passkeys just brought us one step closer to a passwordless internet
Auth & identity
Product
June 2, 2022
4 Ways to use Stytch's Embeddable Magic Links
Auth & identity
May 4, 2022
Web3 and the future of data portability: rethinking user experiences and incentives on the internet
Auth & identity
April 22, 2022
Save time, save the planet–go passwordless!
Auth & identity
March 16, 2022
What is WebAuthn?
Auth & identity
March 12, 2022
Password reuse is a cybersecurity threat
Auth & identity
February 24, 2022
Build vs. buy: what to consider when setting up an auth flow
Auth & identity
January 28, 2022
What is the purpose of a refresh token?
Auth & identity
January 18, 2022
10 common cyber attacks
Auth & identity
January 10, 2022
What is MFA (Multi-Factor Authentication) and how does it work?
Auth & identity
January 5, 2022
What is credential stuffing? How to prevent credential stuffing attacks
Auth & identity
December 17, 2021
An introduction to WebAuthn
Auth & identity
November 12, 2021
A guide to passwordless authentication solutions by business vertical
Auth & identity
September 16, 2021
Stytch's guide to passwordless authentication
Auth & identity
July 30, 2021
How just-in-time authentication boosts security and conversion
Auth & identity
July 19, 2021
Forget the password reset flow as you know it
Auth & identity
July 12, 2021
Building the future of authentication