<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Authentication on Commentary of Takao</title><link>https://takao.blog/ko/tags/authentication/</link><description>Recent content in Authentication on Commentary of Takao</description><generator>Hugo -- gohugo.io</generator><language>ko</language><copyright>Commentary of Takao</copyright><lastBuildDate>Sun, 12 Jul 2026 04:12:51 +0900</lastBuildDate><atom:link href="https://takao.blog/ko/tags/authentication/index.xml" rel="self" type="application/rss+xml"/><item><title>WebAuthn and Passkeys: Passwordless Authentication in 2024</title><link>https://takao.blog/ko/web/webauthn-passkeys/</link><pubDate>Tue, 02 Apr 2024 00:00:00 +0900</pubDate><guid>https://takao.blog/ko/web/webauthn-passkeys/</guid><description>&lt;img src="https://takao.blog/img/thumbnail/webauthn-passkeys-ko.png" alt="Featured image of post WebAuthn and Passkeys: Passwordless Authentication in 2024" /&gt;&lt;p&gt;Passwords have been the primary 인증 mechanism for decades, but they come with well-documented security and usability problems. WebAuthn (Web 인증) and the emerging 패스키 ecosystem promise to replace passwords with cryptographically secure, phishing-resistant 인증. As of 2024, 패스키 support has reached critical mass across all major platforms, making this the ideal time to implement 비밀번호 없는 인증.&lt;/p&gt;</description></item><item><title>OAuth 2.0 and OpenID Connect: Modern Authentication Guide</title><link>https://takao.blog/ko/web/oauth-oidc/</link><pubDate>Mon, 29 Jan 2024 00:00:00 +0900</pubDate><guid>https://takao.blog/ko/web/oauth-oidc/</guid><description>&lt;img src="https://takao.blog/img/thumbnail/oauth-oidc-ko.png" alt="Featured image of post OAuth 2.0 and OpenID Connect: Modern Authentication Guide" /&gt;&lt;p&gt;OAuth 2.0 and OpenID Connect form the backbone of modern web 인증 and authorization. Despite their ubiquity, these protocols are frequently misunderstood and misconfigured, leading to preventable security vulnerabilities. This 가이드 covers the core concepts, implementation patterns, and security best practices you need to integrate 인증 securely in your applications.&lt;/p&gt;
&lt;h2 id="oauth-20-fundamentals"&gt;OAuth 2.0 Fundamentals
&lt;/h2&gt;&lt;p&gt;OAuth 2.0 is an authorization framework, not an 인증 protocol. This distinction is critical: OAuth defines how a client application can obtain delegated access to protected resources, but it does not specify how to verify the user&amp;rsquo;s identity. That is where OpenID Connect comes in.&lt;/p&gt;</description></item></channel></rss>