Replacing Passwords with Multiple Factors - Email, OTP, and Hardware Keys
Offered By: EuroPython Conference via YouTube
Course Description
Overview
Syllabus
Introduction
Average time to detect an attack
What kind of information is at risk
No medical data was stolen
This is just one attack
Have I Been Pwned
The answer is most likely
The problem with these breaches
Financial loss
Why
Usually authentication methods
Bad security and bad usability
Bad passwords
Unprotected passwords
Phishing
The line of death
Wall of death
Usability
Password managers
Limiting failed login attempts
Changing passwords often
Security questions
A clever attacker
The industry has rallied behind
You know this idea
Users will leave
User hostile
New approaches
Email
Email-based authentication
Problems with email-based authentication
Problems with SMS-based authentication
SMS7 flaw
Authentication is deprecated
One-time passwords (OTP)
Google Authenticator
Linode
Security
Hardware keys
U2F
Application-specific keys
Security and usability
Google study
Browser support
Issues with hardware keys
Biometric authentication
Multifactor authentication
Why now
Apply pressure
Require multifactor authentication
Specific implementations
Django No Password
Django Rest
Django OTP
Django U2F
Run server
Add physical key
Backup codes
OTP device
One password
One-time password
OTP device link
Logging out
Conclusion
Taught by
EuroPython Conference