Every month, we hear about a new data breach and billions of user passwords are being shared as we speak. How can we stop this? There is a simple solution, let’s stop using passwords! From email links to biometrics, more and more technologies are available to help developers handle different types of credentials. During this presentation, the attendees will learn about some of the alternatives and how to implement them in the context of an OAuth flow.


Comments are closed.

Colin O'Dell at 11:57 on 20 Nov 2018

I thought this was a good high-level overview of the various authentication options. Joel did a great job summarizing those options and their pros/cons.

However, I did feel it was a little too high-level and could have gone into more detail on the code implementation. Also, the magic link example relied on the uniqid() function which does guarantee uniqueness, which could lead to some security issues for anyone implementing that code as-is in production.

Nevertheless, I did learn a good bit, and with a little refinement this could easily be a 4- or 5-star talk!