Play all

Intro

Tabletop Scenarios

Tabletop Scenario #1

Administrivia

Perils of the naive solution

Avoiding the 2FA bypass

Tabletop Scenario #2

Possible solutions

Tabletop Scenario #3

Impersonation

Security Questions

Changing Password Every Login Easier Than Remembering Password

Alternate Authentication Methods - for Attackers

Recovery with 2FA enabled

2FA recovery

Tabletop Scenario #4

Unhappy Story

Potential Mitigations

First steps

Ongoing steps

Tabletop Scenario #5 - Account discovery

Considering death

Personal observations - 1/2

Personal mitigations - 1/3

Keep good records

Personal mitigations - 3/3

Personal mitigations - parallels

Conclusions - 2/2

Questions/Discussion

Description:

Explore the complex challenges of modern authentication systems in this 31-minute conference talk from linux.conf.au. Delve into the unintended consequences of enhanced security measures, such as password managers, two-factor authentication, and randomized security questions. Examine how these improvements can inadvertently complicate account recovery, especially in cases of user incapacitation or death. Consider the delicate balance between strengthening authentication security and ensuring legitimate account access for trusted associates or bereaved family members. Analyze various scenarios, potential solutions, and personal mitigation strategies to address these emerging issues in the evolving landscape of digital identity and account management.

Authentication Afterlife - The Dark Side of Making Lost Password Recovery Harder

linux.conf.au

Add to list

#Conference Talks #linux.conf.au #Information Security (InfoSec) #Cybersecurity #Password Management #Two-Factor Authentication (2FA)