Recommended
More Related Content
Similar to Forgot Password? Yes I Did! An Intro to Passwordless Authentication
Similar to Forgot Password? Yes I Did! An Intro to Passwordless Authentication (6)
More from Joel Lord
More from Joel Lord (20)
Recently uploaded
Recently uploaded (20)
Forgot Password? Yes I Did! An Intro to Passwordless Authentication
- 1. FORGOT PASSWORD? YES I DID! AN INTRO TO PASSWORDLESS AUTHENTICATION
- 2. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ABOUT ME @joel__lord joellord
- 4. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ Help desk costs ▸ Technology acquisition costs ▸ Management and operations costs
- 5. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ 2,6G data records compromised in 2017
- 6. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ 2,6G data records compromised in 2017 ▸ https://breachlevelindex.com
- 7. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ More computing power === easier cracking ▸ More social media presence === easier social engineering ▸ Users will always be your weakest link
- 11. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! PASSWORDS ARE BAD ▸ 23% of users admit having only one password ▸ More than 60% of users use at least two devices everyday ▸ We all hate passwords!
- 16. WHAT CAN YOU DO?
- 17. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! WHAT CAN WE DO? ▸ Use best practices
- 18. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 19. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW ⛔
- 20. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 21. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 22. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 23. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 24. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 25. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! OAUTH - IMPLICIT FLOW
- 26. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! WHAT CAN WE DO? ▸ Use best practices ▸ Delegate
- 27. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! WHAT CAN WE DO? ▸ Use best practices ▸ Delegate ▸ MFA
- 28. FORGET PASSWORDS
- 29. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! FORGET PASSWORDS ▸ Avoid reusing passwords
- 30. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! FORGET PASSWORDS ▸ Avoid reusing passwords ▸ Use a password manager
- 32. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- 33. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- 34. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- 35. DEAR DEMO GODS, PLEASE LET THIS WORK WEBAUTHN DEMO Demo src: https://webauthn.me/
- 36. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn
- 37. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics
- 38. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! BIOMETRICS https://www.microsoft.com/en-us/research/wp-content/uploads/2008/10/ECCV_CAT_PROC.pdf
- 39. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! BIOMETRICS https://www.microsoft.com/en-us/research/wp-content/uploads/2008/10/ECCV_CAT_PROC.pdf
- 40. DEAR DEMO GODS, PLEASE LET THIS WORK BIOMETRICS DEMO Demo src: https://voiceit.io/
- 41. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics
- 42. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics ▸ Magic Links
- 43. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ WebAuthn ▸ Biometrics ▸ Magic Links
- 44. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- 45. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- 46. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- 47. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- 48. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (POST /AUTHORIZE)
- 49. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- 50. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- 51. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- 52. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- 53. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! MAGIC LINKS (GET /LOGIN/{MAGICLINK})
- 54. DEAR DEMO GODS, PLEASE LET THIS WORK MAGIC LINK DEMO Demo src: https://github.com/joellord/secure-spa-auth0/
- 55. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! ALTERNATIVES ▸ Yubikeys ▸ Biometrics ▸ Magic Links
- 57. @joel__lord #BocaJS FORGOT PASSWORD? YES I DID! RESOURCES ▸ OAuth & Open ID Connect ▸ http://bit.ly/oauth-talk ▸ JWTs ▸ https://jwt.io ▸ WebAuthn ▸ http://bit.ly/webauthn-demo ▸ VoiceIt integration with Auth0 ▸ http://bit.ly/auth0-voiceit
- 58. @joel__lord joellord FORGOT PASSWORD? YES I DID! BocaJS March 5th, 2019 THANK YOU !
- 60. TEXT
- 61. TEXT