Replacing passwords with multiple factors: email, OTP, and hardware keys [EuroPython 2017 - Talk - 2017-07-10 - Anfiteatro 1] [Rimini, Italy] Passwords have formed the cornerstone of I.T. system authentication for decades, but recent high-profile breaches have underscored the risks of password-based authentication systems. The good news is that we can replace passwords with other factors: email-based authentication one-time passwords (OTP) hardware keys (Yubikeys/U2F, etc.) These factors can be used independently or in conjunction with one another to provide vastly greater security than the traditional username-plus-password combination. Attendees of this talk will walk away with a detailed understanding of: why the traditional username-plus-password combination is failing us why email-based authentication provides no less security overview of one-time passwords and TOTP how to store/retrieve OTP codes, including password manager support state of hardware keys in general, and FIDO U2F standard in particular Attendees will learn how to implement these multi-factor authentication methods in their own Python-based web applications, with primary focus on methods for integrating email-based authentication, one-time passwords, and U2F hardware keys into Django-based projects