Preparation
-
Protocols:
-
Protocol Design Notes, by Raúl Pardo (3 pages)
-
-
Authentication:
-
Book, by Fred B. Schneider, Chapter 5, skip 5.1.2 (we’ll return to it later), skip the "*" in 5.2.1 (36 pages)
-
-
Login:
-
Login, on Wikipedia (retrieved June 30 2021) (1 page)
-
Single Sign-on (SSO): SAML & OIDC overview, by Alicia Townsend (2 pages)
-
Lecture
-
Slides, Video (guest lecture by Raúl Pardo)
Further Reading
-
Password Policy: Computerphile (11:32)
-
Password Choice, by Bruce Schneier (3 pages)
-
Password Managers:
-
built-in: Chrome/Android, Safari/iPhone
-
third-party: pass, on nixcasts (5:22) + browser extension ; and others, by Pete Matheson (6:10)
-
-
Password Doesn’t Matter, by Alex Weinert (Director of Identity Security at Microsoft)
-
Two-Factor Authentication, Why Turn it On, by Tom Scott (from ComputerPhile) (8:11)
-
Authenticator Technologies (note: the video has a misleading title) (6:14)
-
Attack: Rolljam (Cars), by Sami Kamkar (3:41)
-
OTP: NemID Nøglekort (1:45)
-
gone forever; you can read about NemID here.
-
-
Authenticator App
-
NemID Nøgleapp (asymmetric-key cryptography) (2:09)
-
Microsoft Authenticator (OTP), by Microsoft (2:45)
-
gone forever; you can read about Microsoft Authenticator here.
-
-
-
Authenticator USB-key: WebAuthn (YubiKey) (asymmetric-key cryptography)
-
3D Secure (credit card authentication)