Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Taking the Pain Out of Passwords and Authentication

EuroPython Conference via YouTube

Overview

Explore password security and authentication innovations in this EuroPython Conference talk. Delve into research-backed techniques for improving password system usability and mitigating shortcomings. Learn about the Universal Authentication Framework (UAF) and Universal Second Factor (U2F) standards, understanding how they streamline authentication processes and potentially eliminate passwords. Discover integration methods for UAF/U2F in Django and other Python frameworks. Gain insights into the current support status for UAF & U2F across browsers, devices, and the wider tech ecosystem. Enhance your understanding of modern authentication practices and their implementation in Python-based systems.

Syllabus

Intro
Servers suck at passwords Your password must satisfy the following rules
Passwords are the least worst Passwords
Mitigations: Password permute Passwords that you characters are easier to type on mobile
Encourage strong passwords Provide strength feedback as the user types
Allow users to see their password
fido
UAF - Universal Authentication Framework
Registering: server Server generates a challenge
Registering browser Javascript relays the challenge to the device
Registering: browser Javascript relays the challenge to the device
Registration: server Verify the response against the challenge
Authentication server Verify the password, then generate a challenge
Authentication: browser Javascript sends the challenge to the device
Authentication: verify the response
More info

Taught by

EuroPython Conference

Reviews

Start your review of Taking the Pain Out of Passwords and Authentication

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.