Pick me! I think it's a great idea.

After downloading the GOV.UK #OneLogin app last week, I can access tax, driving licence, vehicle duty, NHS, DfE number, passport, lasting power of attorney, submit a yachting plan (and get a Welsh fishing permit)

home.account.gov.uk/services-usi...

Whistleblowers raise ‘extreme’ concern about security of government’s Digital ID | ITV News My understanding from friends is One Login is a glorified bastion host that reliant services & parties are obligated to blindly trust, making it a giant SPOF; that alone would be terrifying at …

Whistleblowers raise ‘extreme’ concern about security of government’s Digital ID | ITV News
https://alecmuffett.com/article/136503
#DigitalId #IdCards #OneLogin

UK Digital ID Faces Security Crisis Ahead of Mandatory Rollout  The UK’s digital ID system, known as One Login, triggered major controversy in 2025 due to serious security vulnerabilities and privacy concerns, leading critics to liken it to the infamous Horizon scandal.  One Login is a government-backed identity verification platform designed for access to public services and private sector uses such as employment verification and banking. Despite government assurances around its security and user benefits, public confidence plummeted amid allegations of cybersecurity failures and rushed implementation planned for November 18, 2025. Critics, including MPs and cybersecurity experts, revealed that the system failed critical red-team penetration tests, with hackers gaining privileged access during simulated cyberattacks. Further concerns arose over development practices, with portions of the platform built by contractors in Romania on unsecured workstations without adequate security clearance. The government missed security deadlines, with full compliance expected only by March 2026—months after the mandatory rollout began. This “rollout-at-all-costs” approach amidst unresolved security flaws has created a significant trust deficit, risking citizens’ personal data, which includes sensitive information like biometrics and identification documents. One Login collects comprehensive data, such as name, birth date, biometrics, and a selfie video for identity verification. This data is shared across government services and third parties, raising fears of surveillance, identity theft, and misuse. The controversy draws a parallel to the Horizon IT scandal, where faulty software led to wrongful prosecutions of hundreds of subpostmasters. Opponents warn that flawed digital ID systems could cause similar large-scale harms, including wrongful exclusions and damaged reputations, undermining public trust in government IT projects. Public opposition has grown, with petitions and polls showing more people opposing digital ID than supporting it. Civil liberties groups caution against intrusive government tracking and call for stronger safeguards, transparency, and privacy protections. The Prime Minister defends the program as a tool to simplify life and reduce identity fraud, but critics label it expensive, intrusive, and potentially dangerous. In conclusion, the UK’s digital ID initiative stands at a critical crossroads, facing a crisis of confidence and comparisons to past government technology scandals. Robust security, oversight, and public trust are imperative to avoid a repeat of such failures and ensure the system serves citizens without compromising their privacy or rights.

UK Digital ID Faces Security Crisis Ahead of Mandatory Rollout #CyberSecurity #DataSafety #OneLogin

Security concerns over system at heart of digital ID The government is facing questions over whether One Login can be trusted to keep people's personal data secure.

Security concerns over system at heart of #digitalID
www.bbc.co.uk/news/article...

Can #OneLogin be trusted to keep people's personal data secure?
#DataProtection #DataPrivacy #DataSecurity #GovernmentDigitalService #CyberSecurity #DSIT

The UK’s One Login platform faces claims of weak security after independent tests found flaws. Ministers say the risks are fixed, but critics remain doubtful. Read the verified deep-dive investigation now on Substack for the full story.

#OneLogin #DigitalID #CyberSecurity #Substack

“We do not guarantee that GOV.UK One Login will always be available, or that access to it will be error free. We will provide a way for you to report problems with GOV.UK One Login” Wow. Reference to “Safari 12” suggests this is 2018-era technology, at best: Terms and conditions – GOV.UK One Login archived at

“We do not guarantee that GOV.UK One Login will always be available, or that access to it will be error free. We will provide a way for you to report problems with GOV.UK One Login”
https://alecmuffett.com/article/117386
#DigitalId #IdCards #KierStarmer #OneLogin

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps API response along with metadata pertaining read more about OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps reconbee.com/onelogin-bug...

#OneLogin #cyberattack #API #OIDC #impersonateApps

Critical #OneLogin vulnerability (CVE-2025-59363) exposes OIDC client secrets, enabling app impersonation. Update to version 2025.3.0 immediately. #CyberSecurity #IAM #DataBreach Link: thedailytechfeed.com/critical-one...

Vulnerabilità in OneLogin, bug Microsoft su ARM64 e dieci advisories ICS di CISA richiedono patch rapide per mitigare rischi di sicurezza.

#Arm64 #cisa #ICS #OneLogin #Windows
www.matricedigitale.it/2025/10/01/v...

Security threat visualization

OneLogin HIGH-severity vuln (CVE-2025-59363): OIDC client secrets leak via GET Apps API v2 before 2025.3.0. Upgrade fast or lock down access & rotate secrets! radar.offseq.com/threat/cve-2025-59363-cw... #OffSeq #OneLogin #Security

OneLogin AD Connector Vulnerabilities Expose Authentication Credentials gbmashers.com/onelogin-ad-connector-vu... #PotatoSecurityNews #Vulnerabilities #potatosecurity #PotatoAttack #OneLogin

UPSIDER Corporation Integrates SSO with OneLogin to Enhance Security and Efficiency UPSIDER has integrated SSO with OneLogin using SAML2.0 authentication, enhancing security and user convenience for corporate clients.

UPSIDER Corporation Integrates SSO with OneLogin to Enhance Security and Efficiency #Japan #UPSIDER #Minato,_Tokyo #OneLogin #Pentio

Exploring approaches for using GOV.UK One Login in local government: join our discovery The way citizens access public services is evolving, and GOV.UK One Login, a secure and unified sign-in system, is central to this transformation. The Local Digital team is launching a discovery phase...

The #LocalDigital team is exploring approaches for how GOV.UK #OneLogin could benefit #LocalGovernment. I have some concerns. 🧵

😳 Good grief this 🔻🔻 is serious whistle-blowing about security weaknesses in the government's #OneLogin identity system, which is now being rolled out... 🔻

(Only yesterday the .gov website asked me to create a One Login profile... so glad I didn't get round to it.)

My latest article examines the UK government's digital identity system, GOV.UK One Login, through an inclusion lens. The process still requires digital literacy or trips to increasingly rare post offices.
#GovernmentDigital #GDS #DigitalInclusion #OneLogin #PublicServices #UKGov #GovTech #Technology

Oh look. A #onelogin outage before I go to bed….. my fav.

One Login adoption passes 40 services with Companies House deployment The new sign-in tool that will be implemented across departments will be used to support the new verification process for company founders, owners, and directors, the DSIT secretary has announced ...

🔐 ‘ #OneLogin adoption passes 40 #Services with #CompaniesHouse deployment.’

“… [One Login looks to] replace a previous patchwork of almost 200 separate accounts systems and 44 separate sign-in methods.”

www.publictechnology.net/2024/09/24/b...

GOV.UK One Login: Designing for inclusion at scale GDS is leading the digital transformation of the UK government.

Pablo Romero & Dr. Helena Trippe on how the GOV.UK #OneLogin Team are designing for #Inclusion at scale.

gds.blog.gov.uk/2024/09/19/g...