Advertisement
Check these out next
Forgot Password? Yes I Did!
Mar. 5, 2019•0 likes•431 views
1 likes
Be the first to like this
Show More
views
Total views
0
On Slideshare
0
From embeds
0
Number of embeds
0
Download to read offline
Report
Internet
Every month, we hear about a new data breach and billions of user passwords are being shared as we speak. How can we stop this? There is a simple solution, let’s stop using passwords! From email links to biometrics, more and more technologies are available to help developers handle different types of credentials. During this presentation, the attendees will learn about some of the alternatives and how to implement them in the context of an OAuth flow.
Joel LordFollow
Advertisement
Advertisement
Advertisement
Forgot Password? Yes I Did!
- FORGOT PASSWORD? YES I DID! AN INTRO TO PASSWORDLESS AUTHENTICATION
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ABOUT ME @joel__lord joellord
- PASSWORDS ARE BAD
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ Help desk costs ▸ Technology acquisition costs ▸ Management and operations costs
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ 2,6G data records compromised in 2017
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ 2,6G data records compromised in 2017 ▸ https://breachlevelindex.com
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ More computing power === easier cracking ▸ More social media presence === easier social engineering ▸ Users will always be your weakest link
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ 23% of users admit having only one password ▸ More than 60% of users use at least two devices everyday ▸ We all hate passwords!
- @joel__lord #BocaJS
- @joel__lord #BocaJS
- @joel__lord #BocaJS
- @joel__lord #BocaJS
- WHAT CAN YOU DO?
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! WHAT CAN WE DO? ▸ Use best practices
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW ⛔
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! WHAT CAN WE DO? ▸ Use best practices ▸ Delegate
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! WHAT CAN WE DO? ▸ Use best practices ▸ Delegate ▸ MFA
- FORGET PASSWORDS
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! FORGET PASSWORDS ▸ Avoid reusing passwords
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! FORGET PASSWORDS ▸ Avoid reusing passwords ▸ Use a password manager
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- DEAR DEMO GODS, PLEASE LET THIS WORK WEBAUTHN DEMO Demo src: https://webauthn.me/
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! BIOMETRICS https://www.microsoft.com/en-us/research/wp-content/uploads/2008/10/ECCV_CAT_PROC.pdf
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! BIOMETRICS https://www.microsoft.com/en-us/research/wp-content/uploads/2008/10/ECCV_CAT_PROC.pdf
- DEAR DEMO GODS, PLEASE LET THIS WORK BIOMETRICS DEMO Demo src: https://voiceit.io/
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics ▸ Magic Links
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics ▸ Magic Links
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- DEAR DEMO GODS, PLEASE LET THIS WORK MAGIC LINK DEMO Demo src: https://github.com/joellord/secure-spa-auth0/
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ Yubikeys ▸ Biometrics ▸ Magic Links
- FUTURE OF IDENTITY MANAGEMENT
- @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! RESOURCES ▸ OAuth & Open ID Connect ▸ http://bit.ly/oauth-talk ▸ JWTs ▸ https://jwt.io ▸ WebAuthn ▸ http://bit.ly/webauthn-demo ▸ VoiceIt integration with Auth0 ▸ http://bit.ly/auth0-voiceit
- @joel__lord joellord FORGOT PASSWORD? YES I DID! BocaJS March 5th, 2019 THANK YOU !
- TEXT
- TEXT
Advertisement