Secure Authentication for the Web

Arne Blankerts | The Online PHP Conference |

Securely storing credentials is not easy, proven by the fact that hardly a day goes by without a company admitting they had a security breach and login credentials got stolen. So maybe we should not have them store passwords to begin with! WebAuthn, the W3C Standard for secure and phishing-proof logins, aims for nothing less than to revolutionize authentication on the web. Already supported by all major browsers, it can be used as an alternative to TOTP tokens for a secure second factor that can even replace passwords altogether. In this workshop we will modernize an existing PHP application with a rather traditional login to use a secure second factor for authentication, retire the need for passwords and protect it against all sorts of attacks. Join us in our quest to make stolen credentials a thing of the past! This is an interactive live coding workshop in mob-programming style with the presenter's screen shared. You will not write code on your own computer.

Über den Referenten

Arne Blankerts

Arne Blankerts hat schon Lösungen parat, bevor andere ein Problem erkannt haben.