Use Multi-Factor Authentica­tion Everywhere Because Passwords Are Terrible


Follow to receive video recommendations   a   A

When we deploy web applications, users entrust their data to us and expect that we will protect it. Meanwhile, recent high-profile breaches have underscored the risks of username+password authentication, which is the default in Django and other Python web frameworks. One of the best ways to mitigate this risk and protect our users’ data is to add multi-factor authentication (MFA) capability to our applications: one-time passwords (TOTP), hardware keys (Yubikeys, U2F, etc.), email-based authentication etc. You will learn how to implement U2F key and TOTP-based multi-factor authentication in your own Python-based web applications in just a few minutes.

Editors Note:

I am looking for editors/curators to help with branches of the tree. Please send me an email  if you are interested.