re: HMAC Authentication: Better protection for your API VIEW POST

re: HMAC is one more security layer in your API defence but when used from a Mobile App to talk with an API it can be defeated as explained on this art...

Without reading the article, I have to say that I'm skeptical basic authentication is somehow more secure then HMAC. But I am not an expert in matters of security. I will add the referenced article to my reading list. Thanks for the share!


Sorry but I have not said that basic authentication is better than HMAC I was trying to say that despite HMAC can be defeated is better to use HMAC than basic authentication... I will edit my reply to make it clear.

I am glad you pointed it because after I read it again I have to admit that was confusing.


code of conduct - report abuse