Passwords have formed the cornerstone of I.T. system authentication for decades, but recent high-profile breaches have underscored the risks of password-based authentication systems.
The good news is that we can replace passwords with other factors:
- email-based authentication
- one-time passwords (OTP)
- hardware keys (Yubikeys/U2F, etc.)
These factors can be used independently or in conjunction with one another to provide vastly greater security than the traditional username-plus-password combination.
Attendees of this talk will walk away with a detailed understanding of:
- why the traditional username-plus-password combination is failing us
- why email-based authentication provides no less security
- overview of one-time passwords and TOTP
- how to store/retrieve OTP codes, including password manager support
- state of hardware keys in general, and FIDO U2F standard in particular
Attendees will learn how to implement these multi-factor authentication methods in their own Python-based web applications, with primary focus on methods for integrating email-based authentication, one-time passwords, and U2F hardware keys into Django-based projects.