Passwords are bad. We all know it, but we also know you’re not going to build a service that doesn’t use them – not if you like paying the rent. However, we can do a lot better. We’ll take a whirlwind tour through the aspects of connecting people to your service, from generating passwords, not using passwords at all, creating users with one tap, identity providers, automatic cross-device sign-in, and password managers. Sign-in should be simple.


Comments are closed.

Chris Hartjes at 15:42 on 28 Jan 2017

Liked the talk because it addressed the issues surrounding passwords and making it easier to create applications that require usernames and passwords

Iamabot at 15:43 on 28 Jan 2017

Amazing inspiring talk. I hate you!

Bart Ducheyne at 15:50 on 28 Jan 2017

I liked the talk, didn't like the guessing and getting all the percentages at the given speed.

Didn't like the fact its basically javascript and at this point only chrome specific experimental technology.

Van Belle Jonathan (Grummfy) at 15:54 on 28 Jan 2017

thanks, very intresting, too limited to Google in my opinion. but very helpful

Christiaan Bye at 16:15 on 28 Jan 2017

Interesting and insightful talk!

I particularly liked the interaction with the attendees. Also creative idea to wrap up with a to-do list :)

Thijs at 08:48 on 29 Jan 2017

Good beginning. Strong start. Had a scientific feel to it. Good tempo.

I liked the number guessing, but maybe 3/4 is enough.

I will do your HTML attribute assignment.

The rest of the talk imo focused to much on
The credential navigator - an experimental JavaScript proposal ( only available in google chrome 51)
A google android solution for syncing and creating passwords.

Some other platform solutions (iOS keychain, appe handoff, Mozilla sync etc) would've made it less of a google promotion.

Good talk overall, and you raised some strong points on what we as developer can do to increase security.

However, I have to agree with some other commenters here that you focused a bit too much on Credential API, allthough it was interesting enough to merit your choice for doing so.

I liked your talk and the way you bring up the security issues. The number game was nice, but the last part was too much (no one could have guessed that).

I liked the introduction to the credential manager, but as it lacks support in more browsers, it is very limited.

Overall this talk was well brought and the interactive part was a nice touch.

Muhammed at 22:52 on 29 Jan 2017


A very well presented talk. I still have some doubts about the Credential API from Google, but it certainly is a good thing in the current discussion about passwords and authorization. And it gave me a new thing to play with and things to think about!