Implementing Secure Authentication for the Web

Arne Blankerts | International PHP Conference – Spring Edition |

Securely storing credentials is not easy, proven by the fact that hardly a day goes by without a company admitting they had a security breach and login credentials got stolen. So maybe we should not have them store passwords to begin with! WebAuthn, the W3C Standard for secure and phishing-proof logins, aims for nothing less than to revolutionize authentication on the web. Already supported by all major browsers, it can be used as an alternative to TOTP tokens for a secure second factor that can even replace passwords altogether. In this workshop we will modernize an existing PHP application with a rather traditional login to use a secure second factor for authentication, retire the need for passwords and protect it against all sorts of attacks. Join us in our quest to make stolen credentials a thing of the past!

Über den Referenten

Arne Blankerts

Arne Blankerts hat schon Lösungen parat, bevor andere ein Problem erkannt haben.