Security for the People: End-User Authentication on the Internet - Mark Stanislav

Explore end-user authentication security on the internet in this 56-minute conference talk from Passwordscon 2014. Delve into research methodology, two-factor authentication deployment trends, and browser security features for service logins. Examine SSL/TLS implementations, learn about the MASSACRE scoring system for evaluating security measures, and gain insights into the evolution of online authentication practices. Discover which services excel in implementing browser security features and SSL security, and understand how these elements contribute to overall security scores. Conclude with valuable lessons learned and reflections on the state of user authentication in the digital landscape.

Intro
A Few Notes on Research Methodology
Two Factor Deployments Per Year Since 2005
Collective Method Availability Across Services
Two Factor Moniker Usage Since 2005
Browser Security Features For Service Logins
Browser Security All-Stars
SSL/TLS Implementation for Service Logins
Browser Security + SSL Security All-Stars 2 of 141 services utilized all of tested browser security features and managed to receive an A+ SSL implementation rating
How Do We Get a Composite MASSACRE Score? SSL Implementation
Professional MASSACRE Scale
How Do Security Features increase MASSACRE Scores? Overall Values
Random Thoughts On Lessons Learned
All Donel Questions?