User Auth for Winners - How to Get It Right the First Time

Learn how to build secure user authentication systems in this 37-minute conference talk from LASCON. Explore best practices for user management, password security, and authentication platforms. Discover different authentication methods, common misconceptions, and strategies for handling data and web services. Gain insights on implementing session tokens, rate limiting, and secure account creation processes. Examine approaches to password reset workflows, consistency in user experience, and utilizing tools like Apache Shiro. Walk away with practical knowledge to implement or improve robust authentication systems for startups and enterprises, helping prevent common security breaches and protect user accounts.

Intro
Agenda
Different ways to authenticate
Common perception
Data
Web Services
Session Tokens
Ratelimiting
Session ID
Account Creation
Security Usability
User Account Creation
Password Reset
Consistency
Apache Shiro
Storm Path
Logs
Users