API keys are both incredibly powerful and extremely vulnerable. API key exposure can result in significant damage, both to a company and to the data it holds. As such, hiding and securing keys (as well as mitigating potential loss) is critical for any security plan in the modern API space. Read more
Posts Tagged: password
Every year we see more and more high-profile data breaches. In 2019, companies reported over 3,800 data breaches, and 4.1 billion records were accessed. These included records from major financial institutions.
With so much of our daily lives and business transactions occurring online, cybersecurity threats can be devastating for customers and costly for corporations. Read more
APIs handle enormous amounts of data of a widely varying type – accordingly, one of the chief concerns of any data provider is how specifically to secure this data. The idea that data should be secret, that it should be unchanged, and that it should be available for manipulation is key to any conversation on API data management and handling. Read more
Little details like tokens can sometimes help structure complex API architectures. In this piece we’re going to have a look at different architectures, and ultimately see how a better way to design tokens can lead to a more performant result.
Consider the role of tokens within two facets of API design, access control and data stability. Read more
We’re all accustomed to using usernames and passwords for hundreds of online accounts — but if not managed correctly, using passwords can become a major distraction, and a potential security vulnerability. The same is true in the API space. There’s nothing inherently wrong with usernames — you need those. Read more