YoVDO

Security for the People - End User Authentication Security on the Internet - Lecture 13

Offered By: YouTube

Tags

Data Breaches Courses Two-Factor Authentication Courses Browser Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore end-user authentication security on the Internet in this 41-minute conference talk from GrrCON 2014. Delve into the evolution of two-factor authentication deployments since 2005, examining user enrollment processes and method availability across services. Analyze browser security features and SSL/TLS implementations for service logins, with a focus on companies that prioritize security through dedicated pages. Learn about the Authentication Security Scoring Algorithm (MASSACRE) and its application in evaluating service security. Gain insights into best practices, common pitfalls, and lessons learned from analyzing security features across various online platforms. Understand the challenges of data gathering and documentation for service features, and consider the implications of security breaches and data loss.

Syllabus

Intro
Security Is A Process, Not A Product.
Primary Data Points Utilized
Gathering Data Can Be Really. Really Annoying
Two Factor Deployments Per Year Since 2005
How Does A User Actually Enroll in Two Factor?
Collective Method Availability Across Services
Companies Should Point Out Two Factor Availability
Two Factor Moniker Usage Since 2005
Built-in Two Factor Bypass? Recovery Gone Wrong.
Browser Security Features For Service Logins
Browser Security All-Stars
SSL/TLS Implementation for Service Logins
Browser Security + SSL Security All-Stars 2 of 141 services utilized all of tested browser security features and managed to receive an 'A+'SSL implementation rating
Security Pages - Yes. Really : Marty companies dedicate an entire page (or at least a big section of a page) to how they protect you and how you can protect yourself ...and others definitely do not.
Mark's Authentication Security Scoring Algorithm - Crudely Realized Edition
How Do We Get a Composite MASSACRE Score? SSL Implementation Browser Security Features
Professional MASSACRE Scale
MASSACRE Scoring Outcomes - Best and Worst! Best Scores
How Do Security Features increase MASSACRE Scores? Overall Values
Have A Crappy Algorithm? Make A Crappy Extension
Breaches of Service Security (Data Loss, Especially)
Random Thoughts On Lessons Learned • scouring the internet to find release dates and documentation for service features is way harder than it should be
All Donel Questions?


Related Courses

Cyber Threats and Attack Vectors
University of Colorado System via Coursera Cybersecurity in Healthcare (Hospitals & Care Centres)
Erasmus University Rotterdam via Coursera Information Security Operations Center ISOC for Non-Techies
Udemy Cloud Data Security
University of Minnesota via Coursera Network Security Basics
Pluralsight