Talk in English - US at php[world] 2017
View Slides: https://speakerdeck.com/ericmann/2fa-u2f-oob-and-other-terrifying-security-acronyms
Short URL: https://joind.in/talk/d0fa3
(QR-Code (opens in new window))
In 2016, NIST announced it was deprecating SMS-based 2FA (second-factor authentication) from its Digital Authentication Guidance. As the internet works to harden application and online security, what are the proper options available for truly secure authentication? What are those OOB (out-of-band) transactions anyway? Why is identity security so hard? Come learn about the tools that define the identity security landscape and how to easily integrate strong identity verification methods with your existing services. BYOA (bring your own acronyms).
Comments
Comments are closed.
Great talk - super useful!
A fantastic primer into the infosec community, demystifying terms and acronyms that are common on Hacker News but may be outside the vernacular of the typical developer.
I also learned about SS7 and how totally vulnerable we are. Thanks for that, Eric — I was getting too comfortable ;)