Talk: User Identity and Authentication in WordPress

The other day I gave a talk at the Portland WordPress Developers Meetup about authentication in enterprise and web environments and how WordPress fits into the Identity Management alphabet soup. At the end, I showed off our WordPress Plugin, which can be used for easy and secure login to WordPress instances.

Abstract: Your users’ experience during account creation and login is one of the first and most important ways they interact with your web site. Passwords are by far the most common authentication factor, but they are extremely unfriendly for users: Good passwords are hard to remember, and bad passwords are easy to guess. In this talk, we will explain the trade-offs among various types of authentication: passwords, mobile login, social login, two-factor auth, single sign-on, SAML, and OAuth. Finally, we’ll discuss the impact these choices have on your development process and your users.

This talk is presented by Isaac Potoczny-Jones, a security researcher with Galois, inc and one of the primaries behind Tozny.com which provides, as he says it, “state of the art identity management” that combines “security and usability” through their API, smartphone applications, and WordPress plugin.

Thanks to all those who came!

“The talk was right on target and as I quickly discovered, it had more depth and breadth than my experience. That’s a big plus, as it was why I attended: to broaden my understanding of the subject in the (hopefully) bright light light of an expert discussion. Well worth my time!” – Bill Larson

@tozny @tddewey You might enjoy this slide from my presentation at the user WP meetup last week. 🙂 pic.twitter.com/CxMLFh5lXf

— Karvel Digital (@KarvelDigital) February 24, 2015