You Shall Not Password: Modern Authentication for Web Apps

Room 2
15:00 - 16:00
(UTC+02

Talk (60 min)

Thursday

In the good old days, your users would log into a web app with a username and password. But now people expect an alphabet soup of SSO, 2FA, OAuth, OIDC, SAML, FIDO2, OTP... What do they all mean - and why do they matter? Why is central authentication useful? What does two-factor authentication really protect us from, and what's still wide open? Learn how to keep your users safe as we discuss the good, the bad and the ugly of modern authentication mechanisms for the Web.
People
Security
Web

This talk is aimed at anyone passingly familiar with web development, with an interest in security, or who simply wants to know what’s really going on when you ‘sign in with Google’.

Eli Holderness

Eli has been in tech since being released back into the wild from studying maths at university 7 years ago. They've spent their time working in industries ranging from telecoms to biotech to analog circuit design, continually getting nerd-sniped along the way. These days, they're a freelancer who speaks at conferences, runs workshops, and learns whatever they want. In their spare time, they like to play video games, knit and sew, and hang out with their cat.