Authentication for Droids

Download Authentication for Droids

Post on 08-May-2015

796 views

Category:

Technology

3 download

Embed Size (px)

DESCRIPTION

This talk about identity and authentication was held at Droidcon UK 2013. It goes into the differences of different authorization and authentication techniques and tries to shed some light on best practices. Technologies being covered are OAuth, OpenID and OpenID Connect.

TRANSCRIPT

<ul><li>1.Authentication for Droids These are the droids you are looking forTim Messerschmidt @SeraAndroid</li></ul> <p>2. Developer Evangelist 3. Why am I here? 4. Rebuilding the Developer Experience: developer.paypal.com 5. Do we always use the same identity? 6. Should we always use the same identity? 7. Authentication vs. Authorization 8. Current standards 9. Basic Authentication username:password 10. Passwords wiki.scullsecurity.org/Passwords 11. Security Nightmare 4.7% of users have the password password 8.5% have the passwords password or 123456 9.8% have the passwords password, 123456, 12345678 14% have a password from the top 10 passwords 40% have a password from the top 100 passwords 79% have a password from the top 500 passwords 91% have a password from the top 1000 passwords 12. Allow your users to see their input 13. OAuth 1.0 14. ConsumerService ProviderRequest Request TokenGrant Request TokenDirect User to ServiceObtain AuthorizationRequest Access TokenDirect to ConsumerAccess ResourcesGrant Access Token 15. OAuth 1.0a 16. Signpost</p>

Recommended

View more >