PHP Session and Password Security


Comments are closed.

Tim Lindner at 10:48 on 1 Oct 2016

Great talk! Very good speaker, knowledgable on topic and talk was the perfect mix of overview, demo/examples and actionable takeaways.

Jim Dreger at 10:56 on 1 Oct 2016

Very knowledgeable speaker. Covered material well.

Hao at 10:58 on 1 Oct 2016

Covered the topic well! :)

The demos and the presentation was excellent.

Tim Ostendorf at 11:04 on 1 Oct 2016

Great overview and examples. Very clear and concise.

Mathew Beane at 11:11 on 1 Oct 2016

Great talk, speaker went through the topic really well. The code examples were easy to follow and informative. The speaker was fun to listen to and had good crowd control.

Good overview of sessions and password hashing. So many sites out there aren't yet using the most secure methods of hashing or protecting the session and this talk gave a good overview on just how easy it is to add a high level of security to your sites.

Joel Clermont at 13:38 on 1 Oct 2016

This talk was well-organized and the speaker was very easy to listen to. I especially liked the real-world demos showing the concepts being discussed.

One small critique was that some of the slides and many of the demos were very difficult to see clearly.

Bruce Green at 20:32 on 1 Oct 2016

Good overview with concepts implemented in real-world scenarios indicated the speaker was well prepared. A most informative "alert" message.

Alex Fraundorf at 14:11 on 2 Oct 2016

Elliott was able to clearly share his knowledge on session and password security in a fun and light-hearted way complete with examples and his own live demo on his website for the audience to play with (learn from) later on.
Not only informative but entertaining, it certainly seems like Elliott enjoys speaking as much as he is skilled at it.

Tom Godar at 13:48 on 3 Oct 2016

Well put together talk. Use of examples/slides all tied in well. Enjoyed it.

Would have liked to learn more about the recent changes in php70... new session related directives, etc. Maybe reiterate how to use session_regenerate_id when escalating user privileges.

Chelsea Greger at 11:00 on 5 Oct 2016

This talk was informative and showed a few examples of the importance of password security. I enjoyed the presentation, but thought it was inappropriate to include politics in a talk about password security.

Engaging and clear. I appreciated the distinction between encoding and encryption. Demos worked smoothly. Some of the screens would have been difficult to read if I hadn't been in the front row. Maybe it would be good to move some of the key material from live into slides for that reason, or otherwise find a way to make the display more accessible.