Security Bsides Las Vegas 2024

Aldo Salas

Aldo has more than 15 years of experience in all stages of Application Security, from penetration testing to program management, and he’s currently on a quest to get rid of passwords by leading the Application Security program at HYPR. Aldo has participated as an OWASP local chapter leader for many years and he’s active in the bug bounty community as well. Aldo has worked with a wide variety of technologies and businesses including financial, healthcare, media and entertainment, education, and information technology.


Session

08-06
10:30
20min
We removed passwords, now what?
Aldo Salas

Passwordless is here to stay, as we have seen in the past few years; this is further shown by all the support companies are providing for passkeys, security keys, FIDO2, etc. However, this represents a challenge for the industry and all the existing legacy applications.

During this talk, I'll present the challenges encountered for account recovery and identity verification that are now present as we remove more and more passwords every time.

PasswordsCon
Tuscany