Ah, OAuth 2.0. The protocol that promised to end password reuse and save us from the deep, dark, insecure corners of the web. The one we thought would be the antidote to phishing. But guess what?
Last year I wrote a blog about going passwordless (you can check it out here: https://www.lookingpoint.com/blog/passwordless). Now I’m doubling down and telling you that passwords are outdated. They’re reused, guessed, phished, and stolen. Despite password managers and multi-factor authentication (MFA), the underlying security model of passwords is inherently weak.
