SEO updates (#3195)

Co-authored-by: bradmccarty <[email protected]>

astro/src/content/articles/identity-basics/magic-links.md

@@ -24,17 +24,17 @@ The process starts when a user inputs their email address into a login form. The
 
 By doing so, magic links leverage the security of the user's email provider. If someone can access the magic link, they already have access to the user's email. If the user's email account is compromised, then they likely have bigger problems than someone accessing your service. The magic link is a one-time URL that can only be used once. This means that if someone steals a magic link that has already been used, they cannot use it again. This means that the user gets the ease of logging in to your system without having to present a credential. But they still benefit from the security around the email account, including any protections the email provider has put in place or MFA the user has added.
 
-## Benefits Of Using Magic Links
+## What Are The Benefits Of Using Magic Links
 
-### User Experience (UX):
+### How Do Magic Links Impact User Experience (UX)?
 
 It's no secret that users often struggle with password management. The average user is registered on dozens of online platforms, each requiring a unique password. Remembering these is often challenging, leading to frequent password resets, which further degrade user experience. Magic links simplify this process, requiring only access to an email account.
 
-### Security:
+### Are Magic Links Secure?
 
 Despite being the standard for years, passwords are a known security weak point. Users often reuse passwords across platforms or opt for easy-to-remember (and easy-to-guess) options. By using magic links, we eliminate the risk of password reuse or theft. In addition, the temporary nature of magic links also acts as a security advantage, as each link expires after use or after a set period, whichever happens first. This prevents attackers from using them for malicious purposes.
 
-### Development Simplicity:
+### How Hard Is It To Implement Magic Links?
 
 Implementing a secure password-based system can be a challenge. It involves creating secure password storage, implementing encryption, managing password resets, etc. In comparison, magic link systems can be simpler to implement and maintain. They don't require any changes to existing infrastructure, which makes them a good choice for small and medium businesses. In addition, they can be implemented with fewer resources than other security solutions such as software-based two-factor authentication (2FA) systems or hardware tokens.
 ## Are Magic Links Better Than Passwords?
@@ -55,15 +55,15 @@ To sum up, while passwords have long been the foundation of the authentication p
 
 While magic links provide an attractive alternative to traditional passwords and forgot password links, it's crucial to consider potential drawbacks.
 
-### Email Account Dependence:
+### Are Magic Links Reliant On Email Accounts?
 
 Magic links rely on the security of the user's email account. If a user's email account is compromised, all services using magic links are potentially at risk. It's thus crucial to encourage users to protect their email accounts with strong security measures, like two-factor authentication. Also, some email providers will pre-fetch all links in all emails, which may expire magic links. Make sure you consider this in your implementation.
 
-### Phishing Attacks:
+### Do Magic Links Prevent Phishing Attacks?
 
 Users might be tricked into clicking on malicious links masquerading as magic links. Training users to identify genuine magic links and raising awareness about such threats is essential.
 
-### Security:
+### What Are Security Considerations of Magic Links?
 
 If the user's email account is compromised, all services using magic links are potentially at risk. This issue can be mitigated by encouraging users to protect their email accounts with strong security measures like two-factor authentication and keeping the lifetime of a magic link low.
 
@@ -97,4 +97,4 @@ Finally, it's important to continuously monitor and update the magic link system
 
 Magic links provide a promising alternative to traditional password-based authentication, offering improved user experience and security. As developers, it's our role to adapt to these changing paradigms to offer the best possible security solutions to our users. As we move towards a passwordless future, magic links are certainly worth considering. They're easy to implement, they don't require any special permissions, and they provide a seamless user experience.
 
-Before switching over, ensure your team understands the benefits, risks, and implementation process. Remember, the goal is not just to follow trends but to enhance the overall security and usability of your systems. Embrace the magic of these links, and let's stride towards a more secure digital future.
+Before switching over, ensure your team understands the benefits, risks, and implementation process. Remember, the goal is not just to follow trends but to enhance the overall security and usability of your systems. Embrace the magic of these links, and let's stride towards a more secure digital future.

astro/src/content/articles/oauth/saml-vs-oauth.mdx

@@ -19,11 +19,11 @@ SAML, or Security Assertion Markup Language, also lets you log in to multiple si
 
 SAML is primarily an authentication system, while OAuth is an authorization system. [*Authentication*](/articles/authentication/common-authentication-implementation-risks) is about confirming the user’s identity. [*Authorization*](/docs/get-started/core-concepts/authentication-authorization#overview) is about deciding what services they can access.
 
-## Workflows
+## What Are Common SAML and OAuth Workflows?
 
 Let’s take a look at how the two systems let you access websites and applications. These are common systems, though [other workflows are possible](https://www.ibm.com/docs/en/tfim/6.2.2.6?topic=overview-oauth-20-workflow).
 
-## Security Assertion Markup Language (SAML) Definition
+## What Is Security Assertion Markup Language (SAML)?
 
 When a user interacts with SAML, both a service provider and [identity provider](/docs/apis/identity-providers/) are involved. The service provider is typically the website the user is interacting with.
 
@@ -38,7 +38,7 @@ When the right credentials are provided, the identity provider responds with a S
 
 If the user is already authenticated, they’re not asked for their credentials, which saves time and improves the user experience.
 
-## Open Authorization (OAuth) Definition
+## What is Open Authorization (OAuth)?
 
 There are two versions of OAuth, and there are [differences](https://www.synopsys.com/blogs/software-security/oauth-2-0-vs-oauth-1-0/) between them. This article focuses on version 2.0, which has been around since 2012. An updated version 2.1 [has been proposed](/articles/oauth/differences-between-oauth-2-oauth-2-1) but not yet approved.
 
@@ -72,7 +72,7 @@ This allows users to gain access through a familiar UI, and their primary creden
 
 This information is a core source of revenue for companies like Facebook. While some users may not be keen on the [potential lack of privacy](https://www.wired.com/story/security-risks-of-logging-in-with-facebook/), those users are [in the minority](https://www.webmarketingpros.com/gigya-survey-shows-social-login-use-skyrocketing-on-sites-and-apps/). However, these concerns are part of why some companies are choosing to run their own OAuth servers.
 
-## Comparison of OAuth and SAML
+## What Are the Differences Between SAML and OAuth?
 
 Let’s talk about what function each system performs.
 
@@ -95,11 +95,11 @@ SAML, though an authentication-based protocol, can also be used to provide other
 
 Using OAuth for authorization together with SAML for authentication is perfectly feasible. The [Microsoft identity platform](https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-vs-authorization), for example, uses them both.
 
-## Typical Use Cases
+## What are Some Typical Use Cases for SAML and OAuth?
 
 Let’s look at some of the ways these systems are used.
 
-### SAML
+### Typical SAML Use Cases
 
 SAML allows users to conveniently access multiple resources [safely and securely](https://www.onelogin.com/learn/saml). It can reduce support requests since users don’t need to create and store credentials for every service they use. It tends to be popular with groups that need to regularly grant access to specific sets of resources, as it minimizes the work involved.
 
@@ -120,7 +120,7 @@ Large cloud platforms often allow users to sign in via SAML. In addition to bein
 [Zendesk](/docs/lifecycle/authenticate-users/integrations/saml/zendesk) is a typical example. You can [add attributes](https://support.zendesk.com/hc/en-us/articles/4408887505690-Enabling-SAML-single-sign-on) to SAML-enabled users, allowing you to store things like contact details, team membership, access levels, or whatever other data you require.
 
 
-### OAuth
+### Typical OAuth Use Cases
 
 OAuth allows developers to authenticate users without demanding their credentials. This lets them learn more about their users, but doesn’t require that users create a new login or provide details they’ve entered elsewhere. Perhaps more importantly, it also means developers can provide key functionality without having to build it themselves.
 
@@ -154,7 +154,7 @@ Single-page applications (SPAs) contain all their logic on the frontend. That ma
 
 You can sidestep this problem by using OAuth with a backend for frontend (BFF) component. The component can manage OAuth tokens for your SPA [using encrypted, same-site cookies](https://curity.io/resources/learn/spa-best-practices/).
 
-## Conclusion - When Should You Use SAML or OAuth?
+## When Should You Use SAML or OAuth?
 
 SAML and OAuth are different solutions to similar problems. They’re different animals, but their territories overlap at times, and you can frequently find them together.