Paulo Lopes
I’m Paulo, and I’ve used my 15+ years of software development experience to write secure distributed system and open-source libraries for many industries. In the last 7 years, I work as core developer on open source reactive systems libraries that power high-performance systems and frameworks you may use daily. I’ve implemented one of the first FIDO2 conformant open-source libraries for the JVM and am a true believer and advocate for the use of strong security standards on the JVM.
FIDO2/Webauthn: Replace passwords with strong phishing free security
The end of password-based authentication is near. Weak passwords are the cause of endless security breaches, and the constant reuse of the same password across different accounts is what keeps the clock ticking for the next breach to happen.
The FIDO2 standard aims to replace passwords entirely, and there is a good deal of chance that it will succeed. It has gained significant momentum in the past couple of years, as all major browser and operating system vendors fully jumped on board.
This talk will provide a deep dive of the FIDO2 and W3C WebAuthn standards, with the main focus on how to quickly implement it on any application using open-source FIDO Alliance conformant libraries.
Best practices, including security token lifecycle management, will also be covered.