User-Friendly Login Procedures

  • TYPE: Combined Session DATE: Friday, September 27, 2019 TIME: 11:30-12:30 LOCATION: Emerald 2
Track

Sessions:

We've all seen the requirements. Your password must contain upper and lower case, be between 6 and 23 characters long, and must contain at least one Beatle. And you need to pick a new one on a regular schedule, even if you don't use the site that often. Everybody hates it, and it turns out that these rules do not make it harder for attackers. 

How did we get into this mess? We'll take a look at the history of passwords, the attacks we thought we were protecting against, the attacks we actually need to protect against, how people made everything worse, and how we can make it better.

Key Takeaways:

- Passwords aren't being used for what they're good for, and we need to change that

- Password rules as seen today make for bad passwords, and we can do better

- People will find ways around your arcane policies


Speaker:



Enzoic will participate in a panel discussion on experiences balancing the challenges of user adoption with authentication security in a consumer web environment. 

Passwords are the most common layer of security; however, billions of compromised users’ credentials are circulated on the public Internet and Dark Web. And due to the common practice of password reuse, attackers can take credentials exposure in the numerous data breaches and use them to login to other sites that haven’t been compromised. Consumer facing organizations are being forced to address security vulnerabilities created by their consumer’s password hygiene and security practices.

Numerous options exist in the market to harden authentication security. Each involves introducing some form of friction into the consumer’s experience. User testing shows consumers have extremely limited tolerance for disruptions introduced by security measures, even when those measures are designed to protect the consumer, personal information and valuable assets. Yet, when a consumer’s account is compromised on a site, the blame is directed back to site – and the brand suffers both financial and reputational damage. 

This panel will examine various approaches to balancing security and user experience. We’ll consider various approaches to hardening an authentication process and the associated tradeoffs involved. We will cover the recent changes in industry standards and how different approaches can be applied across mobile and web channels. Additional topics will include: false positive and false negative alerts, the consequences of alert fatigue, and device considerations. 

Attendees will leave with a better understanding of the options (CAPTCHAs, BOT Detection, Biometrics, Multi-factor authentication, Compromised credential detection, and other methods) in the context of consumer business requirements.

Key takeaways:

• Authentication attack methods in consumer web
• New industry standards for securing authentication
• UX review of various authentication options
• Understanding of multi-step, multi-factor and different authentication factor types

 

Speakers:

Michael Greene is CEO of Enzoic (formerly named PasswordPing), an innovative cyber-security startup that helps enterprises screen for compromised credentials and prevent credential stuffing and account takeover fraud. Mike has received industry awards including SC Media Reboot Leadership Award...

Dave, born in Scotland and raised in New Jersey, is a former investment associate at GoogleX where he helped to commercialize Alphabet's ambitious Moonshot projects. Today, Dave is the founder and head of business for Passbase, a privacy focused identity verification and digital identity tool.

Dirk Wahlefeld represents ITConcepts as a Product Manager for their patent pending Identity Management product go:Identity. In this role, he is responsible for conceptual design and realization of product strategy as well the product development. Prior to this he worked for various global...



Moderator:

Quick Links

Register now!

Consumer Identity World EU 2019

Stay Connected

Information

Seattle, USA

Conference

Consumer Identity World USA 2019

Language:
English
Registration fee:
€1200.00 $1500.00 S$1920.00 13200.00 kr
Mastercard Visa American Express PayPal
Contact person:

Ms. Lauren Zuber
+49 211 23707725
lz@kuppingercole.com
  • Sep 25 - 27, 2019 Seattle, USA
Register now!

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00