Explore the concept of passwordless authentication in this 39-minute conference talk from BSidesLV 2017. Delve into various passwordless methods, including Clef, U2F, and Credential Management, with a focus on Slack's magic links. Examine the usability and security properties of magic links compared to traditional password-based authentication. Gain insights into the simplicity of password-based auth and understand key takeaways from the magic link protocol. Conclude with a Q&A session to address any remaining questions about going passwordless in modern security practices.
Overview
Syllabus
Intro
What is this talk?
What does it matter? - Clef
Regular U2F
Credential Management - the krux
Slack magiclinks
Usability Properties of Magic Links
Security Properties of Magic Links
Password based auth.
Password based auth is simple
Magic link protocol takeaways
Conclusion
Questions
Taught by
BSidesLV
