One Does Not Simply Add MFA • Christine Seeman • YOW! 2022
About this talk
This presentation was recorded at YOW! 2022. #GOTOcon #YOW https://yowcon.com Christine Seeman - Senior Software Engineer at WP Engine RESOURCES https://ruby.social/@christine https://twitter.com/tech_christine https://christine-seeman.com https://linkedin.com/in/christineannseema ABSTRACT MFA (Multi-factor authentication) is a vital security pillar for any application, but sometimes it fails us as users and developers. How you use and implement MFA can significantly impact how secure it will be and the protection it ultimately provides. Finding best practices for implementing MFA can be difficult, so learn from a real-world implementation and know how to protect yourself and not let down your users. [...] TIMECODES 00:00 Intro 00:41 What you will learn 01:39 Let our journey begin... 03:53 What was the hacker up to? 06:47 What is authentication? 08:17 Why didn't MFA help? 08:52 Let's travel deeper 17:41 OTP vs. U2F 19:00 Secure your account 20:16 ...now let's put a twist on our story 24:12 Back to security basics 32:01 Password hash encryption 35:50 DIY or buy 40:18 Make it easy on your users 43:54 MFA is a requirement not optional 44:45 Outro 44:55 Q&A Download slides and read the full abstract here: https://yowcon.com/sydney-2022/sessions/2317 RECOMMENDED BOOKS Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3 Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6 Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2 https://twitter.com/GOTOcon https://www.linkedin.com/company/goto- https://www.facebook.com/GOTOConferences #MFA #MultiFactorAuthentication #Security #CyberSecurity #OAuth #SIMhijacking #Authentication #OWASP #TOTP #U2F #OTP #HashEncryption Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech Sign up for updates and specials at https://gotopia.tech/newsletter SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily. https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Stay Updated
Get notified about new features and conference additions.
