Is it safe to release a Personal Access Token on GitHub if it has already expired? #github #git #question #accesstoken #security

RE: Leaked GitHub Python Token

It seems the Python ecosystem just dodged a huge bullet. A personal access token from a developer was accidentally leaked and put into a Docker image, being on the public web for some time.

According to the report by PyPi, a personal access token with was created for local development and a simple clean-up script used during building and […]

https://kevingimbel.de/?p=3042

#AccessToken #GitHub #Link #PyPi #Python #Security #SupplyChain

Linksys has added this article to their Atlassian but still not responding. Neither to me or Testaankoop who found it in the first place...

https://stackdiary.com/linksys-velop-routers-send-wi-fi-passwords-in-plaintext-to-us-servers/

#Security #Linksys #WiFi #Privacy #Cybersecurity #Routers #Velop #DataBreach #TechNews #Plaintext #Hackers #MITM #Firmware #Network #Encryption #TechAlert #Update #AWS #MeshRouter #Vulnerability #Internet #Protection #ConsumerAlert #SSID #AccessToken #DataSafety #NetworkSecurity #Wireless #HomeNetwork #OfficeNetwork

Got a notification today that my Personal Access Token for #AzureDevOps expires soon. when I went to rotate it, there is an option to just... extend the shelf life? Never seen that before from any of the services I use.

Does that feel weird to anyone else?

#security #AccessToken

💥🆕 New blog post! OAuth Token Explorer is a tool I built to learn about and test the OAuth 3-legged flow...

➡️ https://instantiator.dev/post/playing-with-oauth/

At the moment it has options to experiment with LinkedIn. It shouldn't be hard to add others. It's open source - so feel free to poke at it, copy it, modify it, and improve on it! (Do please share back any improvements you make.)

#OAuth #AccessToken #AuthorizationCode #SignIn #SocialNetwork #Tool

Does a web access token need to be encoded?

https://security.stackexchange.com/questions/268978/does-a-web-access-token-need-to-be-encoded

#accesstoken #jwt #web

I need to generate a token in order to share an 'invite' link, what should the token be?

https://security.stackexchange.com/questions/268796/i-need-to-generate-a-token-in-order-to-share-an-invite-link-what-should-the-t

#accesstoken #token

The reasoning behind having access and refresh tokens for a single user SPA

https://security.stackexchange.com/questions/268711/the-reasoning-behind-having-access-and-refresh-tokens-for-a-single-user-spa

#accesstoken

Best Way to handle Authorization tokens on mobile apps

https://security.stackexchange.com/questions/268536/best-way-to-handle-authorization-tokens-on-mobile-apps

#authorization #openidconnect #accesstoken #mobile

bearer JWT client authentication and access token issued by authorization server

https://security.stackexchange.com/questions/268386/bearer-jwt-client-authentication-and-access-token-issued-by-authorization-server

#authentication #openidconnect #accesstoken #oauth #jwt

On MacBook (OSX 13.1) #MetaText app permission was removed from my Mastodon account once long ago – tried to reinstall the app, but now I get “access token invalid” error message. What to do?
#error
#AccessToken
#MetaText

Encrypted instead of signed access tokens in OAuth2

https://security.stackexchange.com/questions/267566/encrypted-instead-of-signed-access-tokens-in-oauth2

#openidconnect #accesstoken #oauth2