One Does Not Simply Add MFA

Explore the intricacies of Multi-factor Authentication (MFA) implementation in this 50-minute conference talk from YOW! 2022. Delve into real-world scenarios and best practices for enhancing application security. Learn about the potential pitfalls of MFA, the differences between OTP and U2F, and strategies to protect both users and developers. Gain insights into password hash encryption, the pros and cons of DIY versus off-the-shelf solutions, and the importance of user-friendly security measures. Discover why MFA should be a requirement rather than an option, and equip yourself with practical knowledge to strengthen your authentication systems.

Intro
What you will learn
Let our journey begin...
What was the hacker up to?
What is authentication?
Why didn't MFA help?
Let's travel deeper
OTP vs. U2F
Secure your account
...now let's put a twist on our story
Back to security basics
Password hash encryption
DIY or buy
Make it easy on your users
MFA is a requirement not optional
Outro
Q&A