There is a phrase in cybersecurity that, once heard, is difficult to ignore. Never trust. Always verify. It is presented as a principle of good design, a response to hostile networks and persistent threats. But like many such principles, it carries with it a quiet assumption, that trust, as a default posture, is no longer … Continue reading Never Trust, Always Verify
Tag: identity providers
The Age of Authentication
There is a quiet shift underway in how we are expected to exist online. It does not announce itself with the force of a new technology, nor with the clarity of a single policy. It appears instead as a requirement, a small prompt during account creation, a field to be filled, a box to be … Continue reading The Age of Authentication
