DjangoCon 2022 | Add Multi-Factor Authentication (MFA) to Django in Mere Minutes
"Learn how to add multi-factor authentication to your Django app in minutes. Discover the limitations of SMS-based MFA and explore a more secure and usable alternative, the Kagi project."
- Multi-factor authentication (MFA) is important for protecting against the increasing threat of cyber attacks and preventing financial losses.
- SMS-based MFA is not secure and can lead to phishing attacks and data breaches.
- One-time passwords (OTPs) and web authentication are better alternatives, but they have some limitations, such as requiring users to install a separate app and potential loss of access due to hardware issues.
- The importance of good usability is highlighted, as forcing users to use SMS-based MFA can lead to a poor user experience.
- The “Kagi” project is a Django application that supports MFA using OTPs and web authentication, with a focus on improving security and usability.
- The speaker provides a step-by-step guide on how to integrate Kagi into a Django application, including setting up MFA settings and URL routes.
- The importance of the relying party ID and icon URL in setting up MFA is highlighted.
- The speaker also provides insights on how to generate backup codes and how to use them in case of lost or stolen devices.
- The presentation concludes with a call to action, encouraging developers to prioritize security and to consider implementing MFA in their applications.