Passwords are Dead: WebAuthn for Securing Web Applications

Logo
Presented by

Chris Volny, Senior Software Engineer, SSO Services Duo Security,Cisco

About this talk

Modern web applications are poised to replace passwords with widely available cryptographic authenticators. The Verizon DBIR cites password misuse or brute force as responsible for more than 80% of all breaches year-over-year, so why do we still use them when alternatives exist? This talk will discuss advances in authentication methods not reliant on passwords, introduce and provide context around the FIDO2/WebAuthn standard, and review current platform support for WebAuthn implementation. Further, it will demonstrate integrating WebAuthn into a React and Python application, and finally discuss security posturing and system design considerations when implementing passwordless authentication systems.

Related topics:

More from this channel

Upcoming talks (19)
On-demand talks (740)
Subscribers (49637)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa