Explore the critical issues surrounding modern authentication practices in this thought-provoking 56-minute conference talk from the 44CON Information Security Conference. Delve into the costs and phases of authentication, examine the limitations of two-factor authentication, and challenge common misconceptions about password security. Learn about offline password cracking techniques and discover new official guidelines for secure authentication. Gain insights into real-world applications and understand the ideal properties of effective authentication systems. Conclude with valuable takeaways and references to enhance your understanding of best practices in information security.