Forgot Password? Yes I Did!

Joel Lord (14.Nov.2018 at 11:30, 50 min)
Talk at php[world] 2018 (English - US)

Rating: 3 of 5

Every month, we hear about a new data breach and billions of user passwords are being shared as we speak. How can we stop this? There is a simple solution, let’s stop using passwords! From email links to biometrics, more and more technologies are available to help developers handle different types of credentials. During this presentation, the attendees will learn about some of the alternatives and how to implement them in the context of an OAuth flow.

Who are you?

Claim talk

Talk claims have been moved to the new site.

Please login to the new site to claim your talk

Want to comment on this talk? Log in or create a new account or comment anonymously

Write a comment

Please note: you are not logged in and will be posting anonymously!
= eight minus two


Rating: 3 of 5

20.Nov.2018 at 11:57 by Colin O'Dell (122 comments) via Web2 LIVE

I thought this was a good high-level overview of the various authentication options. Joel did a great job summarizing those options and their pros/cons.

However, I did feel it was a little too high-level and could have gone into more detail on the code implementation. Also, the magic link example relied on the uniqid() function which does guarantee uniqueness, which could lead to some security issues for anyone implementing that code as-is in production.

Nevertheless, I did learn a good bit, and with a little refinement this could easily be a 4- or 5-star talk!

© 2019