MFA, U2F, FIDO, OH My!

By Brian Retterer

Elevator Pitch

There are so many different acronymous out there for authentication. What do they all mean? Do you need them for your application? Are you actually secure without them? This talk explores all the different features of each.

Description

With so many different acronymous out there for dealing with a second factor in your authentication system, what is the right one to go with. We will explore a few of the most popular ones, as well as some of the not so great.

In this talk, we will cover: - SMS as a second factor - MFA with TOTP - FIDO/U2F - Simple Email 2FA

By the end of this course, you will understand what each of these mean and may even be able to implement the ideas in your own code base.