Explore the critical issues surrounding modern authentication practices in this thought-provoking 56-minute conference talk from the 44CON Information Security Conference. Delve into the costs and phases of authentication, examine the limitations of two-factor authentication, and challenge common misconceptions about password security. Learn about offline password cracking techniques and discover new official guidelines for secure authentication. Gain insights into real-world applications and understand the ideal properties of effective authentication systems. Conclude with valuable takeaways and references to enhance your understanding of best practices in information security.
Overview
Syllabus
Layout
Why am I talking about this?
The costs
The phases
Properties you would expect
2FA is the answer to everything
Passwords need to be secure!
Offline password cracking
New official guidance/guidelines
Real-world
What it should look like (2)
Properties one would expect
Conclusion and take-aways
References
Taught by
44CON Information Security Conference
Related Courses
-
Defense with Two-Factor Authentication - Strategies and Vulnerabilities
-
Sex, Secret and God - A Brief History of Bad Passwords
-
Password Intelligence Project - Advanced Password Recovery and Modern Mitigation Strategies
-
Taking the Pain Out of Passwords and Authentication
-
Common Observations from a Security Assessor
-
A Tale of Two Sides of 2FA
