We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Replacing passwords with multiple factors: email, OTP, and hardware keys

00:00

Formal Metadata

Title
Replacing passwords with multiple factors: email, OTP, and hardware keys
Title of Series
Number of Parts
160
Author
License
CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Replacing passwords with multiple factors: email, OTP, and hardware keys [EuroPython 2017 - Talk - 2017-07-10 - Anfiteatro 1] [Rimini, Italy] Passwords have formed the cornerstone of I.T. system authentication for decades, but recent high-profile breaches have underscored the risks of password-based authentication systems. The good news is that we can replace passwords with other factors: email-based authentication one-time passwords (OTP) hardware keys (Yubikeys/U2F, etc.) These factors can be used independently or in conjunction with one another to provide vastly greater security than the traditional username-plus-password combination. Attendees of this talk will walk away with a detailed understanding of: why the traditional username-plus-password combination is failing us why email-based authentication provides no less security overview of one-time passwords and TOTP how to store/retrieve OTP codes, including password manager support state of hardware keys in general, and FIDO U2F standard in particular Attendees will learn how to implement these multi-factor authentication methods in their own Python-based web applications, with primary focus on methods for integrating email-based authentication, one-time passwords, and U2F hardware keys into Django-based projects
Software maintenanceNumberAuthenticationFluid staticsServer (computing)Flow separationPhysical systemCartesian coordinate systemWebsiteFamilyInformation securityOcean currentProjective planeBasis <Mathematik>BitFrequencyInformationComputer iconMultiplication signType theoryVulnerability (computing)ComputerStorage area networkLecture/Conference
IdentifiabilityInformationNumberAddress spacePasswordUsabilityInformation securityOnline helpUniverse (mathematics)CASE <Informatik>InformationPoint (geometry)AuthenticationPasswordAddress spaceFamilyPersonal identification number (Denmark)UsabilityResultantDifferent (Kate Ryan album)Semiconductor memoryFlow separationCore dumpFrequencyDeterminantInformation securityForcing (mathematics)Insertion lossStandard deviationParameter (computer programming)Physical systemVector potentialCategory of beingMultiplication signDegree (graph theory)Row (database)ComputerVirtual machineEntire functionDatabaseGame theoryNumberTerm (mathematics)SummierbarkeitEmailAverageCovering spaceProper mapComputer animationXMLLecture/Conference
PasswordPhishingTime domainLine (geometry)UsabilityInformation securityAuthenticationLimit (category theory)MathematicsPasswordSingle-precision floating-point formatPower (physics)Line (geometry)WhiteboardWebsiteComputer fontUsabilityEmailMultiplication signData managementQuicksortComputer configurationWeb browserINTEGRALAuthenticationTouchscreenInformation securityTime zoneLink (knot theory)WordOperator (mathematics)Process (computing)Graphical user interfaceForm (programming)ResultantLoginPoint (geometry)outputMathematicsMoment of inertiaMereologyComputerDenial-of-service attackFamilyMessage passingBitInformationAddress spaceElectronic mailing listType theoryImage registrationLecture/Conference
PasswordProcess (computing)Image registrationInformation managementEmailProgrammable read-only memoryUsabilityInformation securityForm (programming)Case moddingImage registrationWebsiteInformation securityEmailAuthenticationUsabilityTheoryAddress spacePasswordRight angleKeyboard shortcutLink (knot theory)Set (mathematics)Combinational logicClient (computing)MereologyMoment of inertiaField (computer science)Cartesian coordinate system2 (number)Single-precision floating-point formatMultiplication signINTEGRALContext awarenessGoodness of fitPoint (geometry)Type theoryInformationComplex (psychology)TwitterRow (database)Rule of inferencePhysical systemSymbol tableProcess (computing)ResultantDisk read-and-write headNumberWeb browserMetreStress (mechanics)Exterior algebraSelf-organizationMultiplicationOpen setLoginComputer animationLecture/Conference
Computer hardwareKey (cryptography)AuthenticationGoogolObservational studyReplication (computing)2 (number)QR codeNumberInstance (computer science)ComputerWebsiteType theoryPlastikkarteForm (programming)QuicksortDifferent (Kate Ryan album)Social engineering (security)Multiplication signCartesian coordinate systemAuthenticationDefault (computer science)CryptographyOrder (biology)Physical systemGoodness of fitMereologyDependent and independent variablesKey (cryptography)System callMomentumData managementGoogolCuboidInformation securityPasswordTouchscreenDataflowImage registrationMessage passingHash functionRevision controlUsabilityDigitizingUniverse (mathematics)AutomationWeb browserGame controllerMobile appDrop (liquid)CASE <Informatik>Public-key cryptographyBitTheoryCodeObservational studyEmailFocus (optics)DemosceneTimestampSoftwareFrequencyFreewareConnectivity (graph theory)Information privacyCodeSimulationComputer hardwareNP-hardScaling (geometry)Term (mathematics)TelecommunicationFormal languageSoftware protection dongleInternetworkingTask (computing)Forcing (mathematics)Token ringLecture/Conference
Menu (computing)Port scannerObservational studyCryptographyKey (cryptography)GoogolFeedbackWeb browserGoodness of fitUsabilityGraphical user interfaceWeb browserInformation securityComputer animation
Graphical user interfaceWeb browserFeedbackSummierbarkeitExtension (kinesiology)Graphical user interfaceShared memoryWeb browserComputer animation
Integrated development environmentWeb browserPropositional formulaWebsiteKey (cryptography)ComputerWeb applicationComputer animation
Group actionInformation securityPhysicalismBiostatisticsProper mapAuthenticationMultiplication signPasswordGoodness of fitKey (cryptography)Vulnerability (computing)Resource allocationoutputRight anglePattern recognitionNatural numberFingerprintNP-hardNumbering schemeFrequencySelf-organizationSession Initiation ProtocolExtension (kinesiology)ResultantGame controllerMassMaxima and minimaDomain nameUsabilityIntegrated development environmentDefault (computer science)Modal logicVector potentialKeyboard shortcutDifferent (Kate Ryan album)Dependent and independent variablesTouch typingUniverse (mathematics)PressureSatelliteGroup actionWeb browserMobile WebVirtual machineData conversionMereologyMechanism designDomain nameInstance (computer science)WordNichtlineares GleichungssystemCartesian coordinate systemTerm (mathematics)Physical systemSystem callType theory1 (number)IRIS-TCombinational logicSoftware protection dongleWebsiteSingle-precision floating-point format2 (number)Mobile appLecture/Conference
Installation artFirst-person shooterProjective planeSet (mathematics)AuthenticationSkeleton (computer programming)Electronic mailing listUniqueness quantificationKey (cryptography)Information securityForm (programming)Connected spacePasswordMultiplication signFitness functionSelf-organizationEndliche ModelltheorieCartesian coordinate systemMereologySoftware frameworkScripting languagePlug-in (computing)ImplementationLevel (video gaming)Limit (category theory)Similarity (geometry)Computer configurationWeb browserSystem administratorRepository (publishing)Goodness of fitDemo (music)NumberComputer hardwareService (economics)EmailWeb applicationDemosceneBitLatent heatMathematicsCombinational logicDifferenz <Mathematik>Mobile appProcess (computing)Greatest elementCodeFocus (optics)NamespaceCAN busUniform resource locatorWebsiteInstallation artView (database)Lecture/Conference
Uniform resource locatorContent (media)Message passingAuthenticationKey (cryptography)Information securityTotal S.A.Server (computing)Projective planeMessage passingError messageElectronic visual displayRootWeb browserAuthenticationElectronic mailing listInterface (computing)PasswordHypermediaRevision controlPoint (geometry)Key (cryptography)Standard deviationComputer configurationCodeCombinational logicBackupField (computer science)Data managementCodeLink (knot theory)Flow separationMenu (computing)Public key certificateGoodness of fitCASE <Informatik>Information securityQR codeMobile appTap (transformer)Globale BeleuchtungPrice indexFlash memoryLecture/Conference
PlastikkarteLoginDatabaseLengthPasswordAbelian categoryEmailIdentity managementServer (computing)Device driverElement (mathematics)Uniform resource locatorWeb 2.0CodeSheaf (mathematics)WebsiteMountain passAuthenticationExecution unitMaxima and minimaToken ringPasswordGreatest elementLoginMultiplication signComputer configurationQR codeComputer iconAuthenticationWeb applicationLattice (order)Touchscreen2 (number)Pattern recognitionForm (programming)Process (computing)WebsiteDifferent (Kate Ryan album)Web browserProjective planeElectronic program guideInformation securityLengthCodePort scannerKey (cryptography)Computer virusAutomatic differentiationCodeComputer animationXML
Transcript: English(auto-generated)