Explore Facebook's internal multi-factor authentication platform in this 34-minute conference talk from Security @ Scale 2014. Gain insights from John "Four" Flynn, Security Engineering Manager at Facebook, as he delves into the design challenges, goals, and solutions implemented for enhancing internal infrastructure security. Learn about the innovative approaches to SSH, biometrics, smartcards, and SFTP, as well as the importance of SSH logs and session keys in strengthening security measures. Discover how Facebook addressed unique security needs for its engineers and the lessons learned from this implementation.
2FAC: Facebook's Internal Multi-factor Authentication Platform
Overview
Syllabus
Intro
Overview
Engineers at Facebook
Why 2FAC
SSH
Design Challenge
Biometrics
Smartcards
Design Goals
Solution Overview
SSH Logs
SSH Session Key
What People Were Doing
What We Did
SFTP
RegX whitelist
Wolf meme
Conclusion
Feedback
Taught by
Meta Developers
