Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing Your WordPress Site with Modern Authen...

WCHK2023
December 01, 2023

Securing Your WordPress Site with Modern Authentication and Beyond (使用現代身份驗證及其他方式保護您的 WordPress 網站)

User security is often an afterthought when building your WordPress site, its not trivial when you want 2FA, passwordless as well as a fully functioning user admin portal for you growing e-commerce or membership site. In this presentation, Wee will show you how easy it is to enable secure user authentication with services like Authgear for SMS/WhatApp OTP as well as latest passwordless trend with Passkeys.

在建立 WordPress 網站時,使用者安全通常是事後才考慮的問題,當您需要 2FA、無密碼以及功能齊全的使用者管理入口網站來發展電子商務或會員網站時,安全就不是小事了。在本次演示中,Wee 將向您展示使用 Authgear for SMS/WhatApp OTP 等服務以及使用 Passkeys 的最新無密碼趨勢來實現安全用戶身份驗證是多麼容易。

WCHK2023

December 01, 2023
Tweet

More Decks by WCHK2023

Other Decks in Programming

Transcript

  1. Single Sign-On Everything in One-Click Passwordless login B2B Authentication Multi-Factor

    Authentication Breached Password Detection Zero trust architecture
  2. Bad conversion rate for sign up Do you know… according

    to Andrew Chen (Growth Uber, a16z): 1. 78% of users forgot their password and had to reset it 2. User forgot if they’ve sign up, the confusion reduce sign up conversions Switch to Email + Magic Link, and update the UI to optimize, takes weeks. Optimize Signup Conversion 78% of users forgot their password and had to reset it
  3. Security for Scale Audit Logs, Brute force Protection, SMS Rate

    Limits 2FA Introducing two-factor authentication for security policies Re-Auth for Critical Transactions Integrations Integrate signup with analytics, CDP, drip campaigns 1 2 3 4 Essential Enhancements Additional layer of security
  4. Integrate with OIDC client 🤖 • Effectively 2 Authentications •

    Authgear cannot control session/auth state between user and the ODIC client
  5. Integrate with OIDC client 🤖 • Effectively 2 Authentications •

    Authgear cannot control session/auth state between user and the ODIC client Authenticated Authenticated
  6. Thank You! • Contact ◦ [email protected] • Authgear References ◦

    https://www.authgear.com/ ◦ https://github.com/authgear