Taking the Pain Out of Passwords and Authentication

Slide outline:

- Servers suck at passwords: "Your password must satisfy the following rules"
- Passwords are the least worst
- Mitigations: password permutations; passwords whose characters are easier to type on mobile
- Encourage strong passwords: provide strength feedback as the user types
- Allow users to see their password
- FIDO
- UAF - Universal Authentication Framework
- Registering: server generates a challenge
- Registering: browser Javascript relays the challenge to the device
- Registration: server verifies the response against the challenge
- Authentication: server verifies the password, then generates a challenge
- Authentication: browser Javascript sends the challenge to the device
- Authentication: server verifies the response
- More info

Description:
Explore password security and authentication innovations in this EuroPython Conference talk. Delve into research-backed techniques for improving password system usability and mitigating shortcomings. Learn about the Universal Authentication Framework (UAF) and Universal Second Factor (U2F) standards, understanding how they streamline authentication processes and potentially eliminate passwords. Discover integration methods for UAF/U2F in Django and other Python frameworks. Gain insights into the current support status for UAF and U2F across browsers, devices, and the wider tech ecosystem. Enhance your understanding of modern authentication practices and their implementation in Python-based systems.