Skip Main Navigation
Page Content
This event has ended

OWASP Göteborg: Authentication

OWASP Göteborg

Tuesday, February 18, 2014 from 5:30 PM to 9:00 PM (CET)

Ticket Information

Type Remaining End Quantity
OWASP member Sold Out Ended Free  

Share OWASP Göteborg: Authentication

Event Details

On February 18th, OWASP Göteborg will host an event on authentication. We are very happy to welcome Per Thorsheim, founder of the Passwords conference, och Klas Lindfors from Yubico. They will tell us about the state of passwords and how two-factor authentication can help us stay more secure. Magnus Almgren from Chalmers will also share some information about RAID2014, which will be held in Göteborg this fall. In other words it looks to be an enlightening evening, as usual!

We are grateful to our sponsor for the evening, Ajilon Consultants AB, for food, drink, venue and enabling us to import speakers from foreign countries (Norway, that is).

This event will be held in English!

Agenda
17:30 Event starts with a light snack and drink. A word from our sponsor Ajilon Consultants.

18:00 Community update
18:10 Klas Lindfors / Yubico - OTP and U2F
19:00 Short break
19:10 Per Thorsheim / Stricture Consulting Group, God Praksis AS - (Almost) everything about passwords that OWASP won't teach you
20:00 Beer, snacks and some serious security live chat
Approx. 21:00 Event ends

Speaker bios and abstracts
Klas Lindfors
One time passwords are being deployed by larger websites including Google, Facebook, GitHub, LinkedIn etc but they have their ups and downs. What type of OTP should you use; the YubiKey OTP, OATH HOTP, or OATH TOTP? How would you validate the OTP; building your own server and protecting the secrets, or rely on a cloud service like Yubico's YubiCloud or VeriSign VIP? The talk will also cover the future of two-factor authentication with the FIDO Universal 2nd Factor (U2F) protocol.

Klas Lindfors is a software developer at Yubico, working with one time passwords at all layers: firmware, personalization & validation.

Per Thorsheim
OWASP has some wonderful guidelines on sending, storing and resetting passwords. However there are still challenges that cannot be addressed through technical measures, they need to be addressed by humans, and not just developers. Through color & font selections, association elements, password managers, human pattern analysis and more, this talk will discuss what we are still doing wrong, the risks associated with bad passwords, and give some advice on what we need to do in order to improve our online security.

Per Thorsheim is the founder & main organizer of the Passwords conferences (PasswordsCon.org), a conference fully dedicated to passwords & PINs. He's been working, examining, playing, dreaming and discusssing passwords for more than 14 years, and is still going strong. He publicly disclosed the hacking of Linkedin in june 2012, and has been interviewed and quoted around the world on his excessive interest in passwords. During daytime he tries to solve challenges for his customers through security awareness training & security advisory services. Some say he's good at explaining advanced topics to regular humans. He is certified CISA, CISM and CISSP-ISSAP.

Have questions about OWASP Göteborg: Authentication? Contact OWASP Göteborg

When & Where


Postgatan 28
28 Postgatan
41103 Gothenburg
Sweden

Tuesday, February 18, 2014 from 5:30 PM to 9:00 PM (CET)


  Add to my calendar

Organizer

OWASP Göteborg

Det lokala chaptret i Göteborg inom Open Web Application Security Project (OWASP)

Att bli medlem är enkelt och gratis - du behöver du bara gå med i mailinglistan.

  Contact the Organizer

Interested in hosting your own event?

Join millions of people on Eventbrite.

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.