SecAppDev 2019 has ended
Back To Schedule
Monday, February 18 • 14:00 - 15:30
A modern take on passwords

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Despite proclamations of the obsolescence of passwords, they remain an essential component of user authentication. Many long-accepted tenets of password-based authentication need to be reexamined.

Passwords have been around for a long time. They are by far the widest-deployed way of authenticating users. Passwords suffer from many well-known and well-researched weaknesses. Nonetheless, numerous applications still rely on passwords, even in a security-sensitive context. Passwords even remain the most commonly used first factor in multi-factor authentication systems. Regardless of their popularity, many voices call for discarding passwords altogether. After all, would it not be better to have a stronger and more usable authentication mechanism?

In this session, we take a closer look at password-based authentication. We investigate many commonly-made implementation mistakes and better alternatives. We investigate how to make security work for your users, instead of working against them. In the end, you will walk away with a modern set of best practices for handling password-based authentication. Both your application and your users will benefit from these new insights.

This session is intended for anyone designing or implementing password-based user authenticationanyone building, designing or securing web applications


Jim Fenton

Internet Technologist, Altmode Networks

Monday February 18, 2019 14:00 - 15:30 CET
Main building (room Lemaire)