Overview
Explore the critical issues surrounding modern authentication practices in this thought-provoking 56-minute conference talk from the 44CON Information Security Conference. Delve into the costs and phases of authentication, examine the limitations of two-factor authentication, and challenge common misconceptions about password security. Learn about offline password cracking techniques and discover new official guidelines for secure authentication. Gain insights into real-world applications and understand the ideal properties of effective authentication systems. Conclude with valuable takeaways and references to enhance your understanding of best practices in information security.
Syllabus
Layout
Why am I talking about this?
The costs
The phases
Properties you would expect
2FA is the answer to everything
Passwords need to be secure!
Offline password cracking
New official guidance/guidelines
Real-world
What it should look like (2)
Properties one would expect
Conclusion and take-aways
References
Taught by
44CON Information Security Conference