Abstract:How to properly implement two factor authentication. Common problems with implementations, what to look out for, and the worst I've ever seen.

Bio:Steve Thomas, aka Sc00bz, has been studying and optimizing time-memory tradeoffs since November 2007. He broke two poorly constructed hash functions, MySQL323 and XSHA1, as well as Cryptocat. He graduated from Northern Illinois University with a double major Computer Science and Math. He still regrets not taking ballet classes.

Back to Passwords Con 2014 video list