Talk in English - US at PHP TEK 2025
Track Name:
Wrigley Field
View Slides: https://docs.google.com/presentation/d/10a3XrKi7A4b3323No0O-dnsAAM5eWgnjJOoCjTxUdEY/edit?usp=drive_link
Short URL: https://joind.in/talk/6101c
(QR-Code (opens in new window))
One of the things that developers often leave last when pushing out code is security. The amount of support requests I get in alone on implementing APIs on PHP versions that were end of life 2+ years ago tells me we still neglect security.
You have hashed passwords, fine. What about more modern application auth? Well, some people might already be using two-factor authentication with SMS. BUT... have you heard of Silent Authentication? Ever tried a Yubikey integration? In this session, we'll revisit security to open new doors you might have missed.
Comments
Please login to leave a comment
An excellent overview of modern authentication with a good balance of code examples and exposition
Very thorough. Going to try out bitwarden
5 stars for the jokes.
good talk about 2fa, multifactor, and webauthn. however the title talk was very misleading as to what the talk was about
This was a great talk by Chuck that went over different MFA strategies and gave quick but practical demos as to how basic setup and login flows could be implemented with each strategy. Gave a well-explained overview of some of the structure and standards that go into OTPs and WebAuthN as well as a brief look as "silent auth".
Chuck was brilliant and funny. His knowledge of the subject matter was evident.