Effective user authentication is a critical part of securing your data and infrastructure. Passwords are not enough any more, multi-factor auth is a must. This talk will dive into how FIDO U2F security keys work, why they are awesome, and how they defend against phishing attacks.
SMS codes and one-time-password apps are a great improvement over passwords alone, but the FIDO Alliance’s Universal Two Factor specification attempts to take it a step further. U2F provides a phishing resistant, hardware based second authentication factor.
Before you depend on a technology as a building block of security, it’s good to understand how it works, and why it’s a good fit for your needs. This talk will cover these things, so you don’t have to read the spec yourself.
An overview of the two-factor landscape