ConfPad

"Phishing can work on almost anyone if you catch them in a moment of weakness, and hackers know that. Strong user authentication is a critical part of securing your data and infrastructure. We tried education on strong passwords, but that didn’t help. Authenticator apps and SMS codes were an improvement, but hackers found ways around them as well. After years of effort on the part of the FIDO Alliance, we have a better option. U2F security keys mitigate phishing risk by using dedicated hardware keys, special browser APIs, and public key cryptography. Before you depend on a technology as a building block of security, it’s important to understand how it works, and why it’s a good fit for your needs. This talk will cover these points, so you don’t have to read the specs yourself: Why Phishing still happens How U2F security keys work Using them to protect yourself Adding support to your software to protect your users"