Replacing passwords with multiple factors: email, OTP, and hardware keys

Speaker(s) Justin Mayer

Passwords have formed the cornerstone of I.T. system authentication for decades, but recent high-profile breaches have underscored the risks of password-based authentication systems.

The good news is that we can replace passwords with other factors:

email-based authentication
one-time passwords (OTP)
hardware keys (Yubikeys/U2F, etc.)

These factors can be used independently or in conjunction with one another to provide vastly greater security than the traditional username-plus-password combination.

Attendees of this talk will walk away with a detailed understanding of:

why the traditional username-plus-password combination is failing us
why email-based authentication provides no less security
overview of one-time passwords and TOTP
how to store/retrieve OTP codes, including password manager support
state of hardware keys in general, and FIDO U2F standard in particular

Attendees will learn how to implement these multi-factor authentication methods in their own Python-based web applications, with primary focus on methods for integrating email-based authentication, one-time passwords, and U2F hardware keys into Django-based projects.

in on Monday 10 July at 10:30 See schedule

Do you have some questions on this talk?

New comment

Comment:

Name:

Email address:

URL:

Captcha: