bookmark_border

Secure Authentication with Praneet Sharma

Software Engineering Daily,

Originally posted on Software Engineering Daily

When I log into my bank account from my laptop, I first enter my banking password. Then the bank sends a text message to my phone with a unique code, and I enter that code into my computer to finish the login. This login process is two-factor authentication. I am proving my identity by entering my banking password (the first factor) and validating that I am in control of my phone (the second factor) by receiving that text message.

But in order to log in from my laptop, I need to be in control of my laptop. The laptop itself is a factor. With the laptop and my password, I have two factors. I might not actually need the phone as a factor.

Praneet Sharma is the CEO of Keyless, a product that moves 2-factor authentication into the browser. Praneet joins the show to discuss how all kinds of authentication work: multi-factor authentication, single sign on, and Yubikey. We use this discussion of authentication methods to help explain why it actually could make sense for some people to be doing 2-factor authentication without requiring people to take out their phone.

We also explore recent security breaches like Target, Equifax and Yahoo–and the industry of security software sold to developers. I see giant banners for security software companies every time I go into the San Francisco airport, and Praneet explained to me some of the products that these kinds of companies are selling.

Praneet has joined the show in a previous episode to talk about advertising fraud. He also works with Shailin Dhar at Method Media Intelligence.

Transcript

Transcript provided by We Edit Podcasts. Software Engineering Daily listeners can go to weeditpodcasts.com/sed to get 20% off the first two months of audio editing and transcription services. Thanks to We Edit Podcasts for partnering with SE Daily. Please click here to view this show’s transcript.

Sponsors

twiliologo

Build apps that communicate with everyone in the world. Voice & Video, Messaging, and Authentication APIs for every application. Start your Free Trial today and get an additional $10 credit account with account upgrade. Learn more at go.twilio.com/podcast


Bugsnag improves the task of troubleshooting errors by making it more enjoyable and less time-consuming. For example, when an error occurs, your team can get notified via Slack, see diagnostic information on the error, and identify the developer who committed the code. Bugsnag’s integration with Jira and other collaboration tools makes it easy to assign and track bugs as they are being fixed. There is a special offer for Software Engineering Daily listeners. Try all features free for 60 days at https://www.bugsnag.com/sedaily. Development teams can now iterate faster and improve software quality. To get started, go to https://www.bugsnag.com/sedaily/. Get up and running in three minutes. Airbnb, Lyft, and Shopify all use Bugsnag to monitor application errors.  


Angular. React. Vue. Knockout. The forecast calls for a flurry of frameworks, making it hard to decide which to use. Or maybe you already have a preferred JavaScript framework, but want to try out a new one. Wijmo and Grape City bring you the How to Choose the Best JavaScript Framework for Your Team ebook. And best of all, this ebook is free. Download your copy today to help you choose a framework for your work at softwareengineeringdaily.com/grapecity.


Amazon Redshift powers the analytics of your business–and Intermix.io powers the analytics of your Redshift. Intermix.io gives you the tools you need to analyze your Amazon Redshift performance and improve the toolchain of everyone downstream from your data warehouse. The team at Intermix has seen so many Redshift clusters, they are confident they can solve whatever performance issues you are having. Go to intermix.io/sedaily to get a free 30-day trial. Intermix collects all your Redshift logs and makes it easy to figure out what’s wrong so you can take action. All in a nice, intuitive dashboard. Go to intermix.io/sedaily to start your free 30-day trial.


securitypasswords

About the Podcast