Monday, August 9, 2021

Episode 117 - Authentication with Aviad Mizrachi


We are sponsored by audible!

We are on Patreon!


Join us on Discord!

Authentication with Aviad Mizrachi

Authentication has become a necessity in a digital world that’s ever-increasing in complexity. What can you do to arm yourself against the constant threat of data breaches and hacks? In this episode Jason sits down with Aviad Mizrachi, CTO and Co-Founder of Frontegg, to give us valuable insight into how Authentication works, and how these help you become more defensible against attacks.

This episode touches on the following key topics and ideas:

00:00:24 Introduction

00:01:10 Introducing Aviad Mizrachi

00:04:36 The login

00:06:32 The many intricacies of Authentication

00:10:25 How are passwords sent to servers?

00:11:26 Query param

00:16:59 Multi-factor authorization (MFA)

00:20:11 Time-based One-Time Password (TOTP)

00:28:05 Single Sign-on (SSO) Cross-site scripting

00:33:38 Ad: SignalWire, a next-gen video collaboration platform

00:35:03 Session tokens

00:36:36 Cross-site scripting (XSS)

00:39:24 JSON web tokens (JWTs)

00:41:24 Difference between session token and refresh token

00:49:33 More about Frontegg, Aviad’s company

00:54:14 SQL injection attack

00:56:11 Auditing and audit logs

00:59:42 Authentication in mobile apps

01:00:50 Frontegg hiring and intern opportunities

01:05:22 Frontegg product offerings

Resources mentioned in this episode:



Our sponsor for this episode is SignalWire

You can reach Aviad on:

LinkedIn | GitHub

If you’ve enjoyed this episode, you can listen to more on Programming Throwdown’s website:

Reach out to us via email:

You can also follow Programming Throwdown on 

Facebook | Apple Podcasts | Spotify | Player.FM 

Join the discussion on our Discord

You can also help support Programming Throwdown through our Patreon