Securing Your Applications With 2-Factor Authentication

Speakers: 

Passwords are a horrible way to secure online systems. There simply is no good way to manage them. Either they are too weak or duplicated to be safe, or they are too complicated to remember and you end up having to keep them in a password vault (which probably has a weak password so you can remember it)... it's just a mess.

But help is at hand! These days there are a whole load of tools you can use to make your website and other online systems more secure, using multi-factor (usually 2-factor) authentication, and you don't have to be some global corporation to join in. There are various cheap, sometimes free and sometimes even free open source options out there, many with ready Drupal support. The only problem is education. People still don't know what this means and why it is important.

You should leave this session with a better understanding of multi-factor authentication, why you need it and a good idea what products and services there are, readily available for Drupal and Linux, that can help you operate your Drupal websites more securely.

This session will cover:

  • The principles of multi-factor authentication
  • Popular approaches to multi-factor authentication
  • Popular cheap/free services
  • Your options with Drupal
  • Securing other things (e.g. servers, third-party services, etc.)

Greg is the Technical Director and Information Officer at Code Enigma. In his role as the person responsible for information security, he has been extensively involved in securing Code Enigma's data and systems. A chunk of this circles around implementing 2-factor authentication for our systems, which he oversaw. He can share his experience on the subject with the audience.

Schedule info
Track: 
DevOps
Experience level: 
Beginner
Drupal Version: 
Drupal 7.x