Kontakt

Newsletter

Subscribe

Sponsoren

ToTP or Not ToTP, That Is The Question!

Two-factor authentication is more accessible than ever because a smartphone can be found in many a pocket or handbag. Time based one-time passwords (TOTP) give your users the ability to log into your web application not just based on something they know (their password), but with another factor: Something they have. In the case of TOTP, generally a smart phone. Amazon AWS, Google, World of Warcraft, and many others already use this standard to improve authentication security.
It's really easy to add TOTP to your web application, but, like any security measure, it's easy to mess up your implementation. We search the web for a few off the shelf libraries, and delve into the various security problems that these libraries exhibit.
Then, when we've listed out all the various security and API concerns, we demo a complete TOTP Web solution in Java, ready to be deployed in your Web application.

Note that this talk will be held in English!

19.05.2016, 19:00, Fraunhofer IESE, Kaiserslautern

About the presenters:

Reinier Zwitserloot has been interested in programming language evolution ever since he started working with Java professionally 15 years ago. As a result, together with Roel Spilker he is the inventor of Project Lombok, a compiler/IDE plugin to bring the java programming language into the next decennium.

Roel Spilker is a technology evangelist at TOPdesk. He's been a professional java programmer and teacher since 1999. Roel has been a fan of compile-time checking. Together with Reinier Zwitserloot he is the inventor of Project Lombok, a compiler/IDE plugin to bring the java programming language into the next decennium.

Reinier and Roel

Ressources: