Safeguarding Web Applications Against Token Theft - Fortifying Security with DPoP

JSConf via YouTube

Overview

Explore a cutting-edge approach to securing web applications against token theft in this 18-minute JSConf talk. Delve into the challenges of securely storing and retrieving authentication and authorization tokens in browsers, despite the robust framework provided by OAuth 2.0. Learn about DPoP (Demonstrating Proof of Possession), an emerging standard that extends OAuth 2.0, offering an innovative solution to enhance token management security. Discover how this potential game-changer can significantly improve the safety of current web authentication and authorization mechanisms. Gain insights from Software Architect Shikhar Kapoor's 14 years of experience in building and scaling web applications. The talk covers an introduction to token theft, an explanation of DPoP, and a discussion on potential DPoP attacks, providing a comprehensive overview of this important web security topic.

Syllabus

Introduction
Token Theft
DPoP
DPoP Attacks

Taught by

JSConf
