Schedule VIScon 2023

In this talk, we explore the limitations of traditional 2FA and present FIDO2 as a new authentication standard.

Through a live hacking demonstration, attendees will see the weaknesses of traditional 2FA. FIDO2 eliminates many of those issues and allows online services to enhance security, protect against common threats like phishing, and provide a seamless and secure authentication experience.

In today's digital landscape, the need for robust authentication methods to safeguard our online identities is more critical than ever. Traditional two-factor authentication (2FA) methods, while effective to some extent, have weaknesses that can be exploited by sophisticated attackers. This talk will show the limitations of traditional 2FA and explore the solution offered by FIDO2.

The session will begin with a live hacking demonstration to showcase how attackers can bypass traditional 2FA measures, such as one-time passwords and SMS codes, leaving our online accounts vulnerable to compromise. By understanding the weaknesses of these methods, we show the need for stronger and more reliable authentication frameworks.

The second part of the talk will focus on FIDO2, an authentication standard developed by the FIDO Alliance. It provides advanced protection against phishing attacks. The talk will show how FIDO2 uses Web Authentication (WebAuthn) and Client to Authenticator Protocol (CTAP) to enable secure authentication. By adopting FIDO2, online service providers can offer passwordless authentication options, such as biometrics, which significantly enhance security and mitigate the risks associated with phishing attacks. The talk will highlight the broad industry support and adoption of FIDO2 by major web browsers, operating systems, and online services.

Info

Day: 2023-10-21
Start time: 10:30
Duration: 00:40
Room: HG E 1.2

Links:

• iCalendar

Feedback

Click here to let us know how you liked this event.