Broken Authentication remains firmly pegged at the #2 position in the OWASP Top 10. There are many multi-factor authentication options available for developers to improve user security, and yet MFA implementation remains frustratingly underutilised around the web.
This talk will survey several of the more common types of MFA currently available. We’ll do a deeper dive exploration of the Time-based One-Time Password (TOTP) algorithm used by Google Authenticator, and then we’ll also take a peek at some of the exciting new MFA options on the horizon including biometric and behavioural authentication. My goal is
to provide general security information to anyone with an interest in this area. Code samples will be in .NET and will be only a portion of the overall presentation.
Kevin Thomas is a Senior Consultant at Equinox IT with nearly 20 years experience in .NET web and relational database development. He has delivered software solutions to commercial, government, and non-profit sectors, in disciplines including land conservation, property ownership, education, automotive, and general consulting. He is generally interested in security best practices and is always looking to improve his skills and knowledge in this area. Kevin generally spends his spare time scuba diving, hiking, board gaming, or brewing and tasting craft beer.
If you are unable to make it, this event will be livestreamed on Youtube from 6pm at this url: https://www.youtube.com/watch?v=lAkw24tClvQ