We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Replacing passwords with multiple factors: email, OTP, and hardware keys

Formal Metadata

Title
Replacing passwords with multiple factors: email, OTP, and hardware keys
Title of Series
Number of Parts
160
Author
License
CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Replacing passwords with multiple factors: email, OTP, and hardware keys [EuroPython 2017 - Talk - 2017-07-10 - Anfiteatro 1] [Rimini, Italy] Passwords have formed the cornerstone of I.T. system authentication for decades, but recent high-profile breaches have underscored the risks of password-based authentication systems. The good news is that we can replace passwords with other factors: email-based authentication one-time passwords (OTP) hardware keys (Yubikeys/U2F, etc.) These factors can be used independently or in conjunction with one another to provide vastly greater security than the traditional username-plus-password combination. Attendees of this talk will walk away with a detailed understanding of: why the traditional username-plus-password combination is failing us why email-based authentication provides no less security overview of one-time passwords and TOTP how to store/retrieve OTP codes, including password manager support state of hardware keys in general, and FIDO U2F standard in particular Attendees will learn how to implement these multi-factor authentication methods in their own Python-based web applications, with primary focus on methods for integrating email-based authentication, one-time passwords, and U2F hardware keys into Django-based projects