'Interaction Assurance': Options for Strong Authentication in World 2.0? BarCampBuffalo Open Discussion
BarCampBuffalo Open Discussion
Options for Strong
Authentication in World 2.0?
S. Navpreet Jatana
How did you find out about
IT Executive, most recently Erie County
CIO where I led, empowered, mentored a
staff of 62+
Passionate about making things better,
solving real problems with technology
More about me: www.jatana.com
Sentence Completion Exercise
Why should we care?
We want to
How am I affected?
Threats to Our Identity
We want to make things easy
Reused Passcodes Across Sites
Simple, Easy-to-Remember(Guess) Passwords
Microsoft ‘Notepad’ Password Manager
Saving our Passcodes within our Browser
We like to run cool programs from our friends
Trojans and Viruses
We are tricked by shady characters
Phishing (social engineering)
Some Existing Solutions
Digital Certificates (PKI)
Some Two-factor Authentication Vendors
Entrust® USB Tokens
The Pain for the Average User
Functionality vs. Security?
We expect both!
Too Many Passcodes to Remember
Varying complexity requirements
Proprietary, Closed-source Solutions
What we know (passcode)
Complex Software Install/Configuration
Too many competing/unwanted options
The Ideal Medicine
Easy to Use
Open-source, Extensible, Audited
In your experience, what is the ideal
One Possible Option...