
Replacing passwords with multiple factors: email, OTP, and hardware keys

Description

Passwords have formed the cornerstone of IT system authentication for decades, but recent high-profile breaches have underscored the risks of password-based authentication systems.

The good news is that we can replace passwords with other factors:

  • email-based authentication
  • one-time passwords (OTP)
  • hardware keys (YubiKeys/U2F, etc.)

These factors can be used independently or in conjunction with one another to provide vastly greater security than the traditional username-plus-password combination.

Attendees of this talk will walk away with a detailed understanding of:

  • why the traditional username-plus-password combination is failing us
  • why email-based authentication provides no less security
  • an overview of one-time passwords and TOTP
  • how to store/retrieve OTP codes, including password manager support
  • the state of hardware keys in general, and the FIDO U2F standard in particular

Attendees will learn how to implement these multi-factor authentication methods in their own Python-based web applications, with a primary focus on methods for integrating email-based authentication, one-time passwords, and U2F hardware keys into Django-based projects.
