What the @#!? is Auth

Warren Parad

from Authress (Switzerland)

About speaker

CTO and Security Specialist @ Authress

Warren focuses on technology that helps teams automate security implementations. He has journeyed through many different locations, technologies, and industries from Health Care IT in Wisconsin to E-Commerce in Switzerland.

About speaker's company

Authress provides the complete authentication and authorization solution to easily drop into the software you're building. It enables login integration, fine-grained control over permissions, API keys as a service, secure identities, and everything else to solve identity for your application control plane. We've been building Authress for over 6 years in Switzerland, and have a very dedicated team focused on security and convenience.

Abstracts

specific

Authentication remains a complicated yet critical aspect of application security. In this talk, I'll demystify the core concepts, diving into access tokens, refresh tokens, and browser security mechanisms like WebAuthn for hardware-based authentication.
Additionally, I'll explore techniques such as session handling, revocation strategies, silent authentication for improved security UX, and the use of scopes for controlling access granularity, along with the common pitfalls associated with each.

Finally, I'll delve into JSON Web Tokens (JWTs), the use of EdDSA signatures for enhanced security and performance, as well as the common pitfalls that seasoned pros and newcomers alike struggle with when it comes to auth. Here I hope to equip everyone with some additional knowledge to navigate its complexities and build secure, user-friendly systems.

The talk was accepted to the conference program
