User Authentication—Passwords and Beyond

User Authentication—Passwords and Beyond

On March 25, Jim Fenton, a leading expert on user-centric identity and Internet privacy, is presenting a lecture on the widest-deployed way of authenticating users—about passwords. He will describe their advantages and disadvantages or the possibilities of supplementing them. The lecture takes place within the FIT Informatics Evenings from 19:00 in the T9:107 auditorium.


Passwords have been around for a long time and are by far the widest-deployed way of authenticating users. While passwords have definite security limitations, they remain popular for low to moderate security applications. They are a key component, something you know, in multi-factor authentication.

But as authentication threats have become more sophisticated, higher security authentication, mostly involving the use of multiple authentication factors, has been needed for more applications. Some of these provide little more than a false sense of security, while others provide excellent protection against a comprehensive range of threats. The choice of authentication products and methods is not straightforward and depends on the types of devices being used, the nature of the application, and the expected range of threats.

This lecture will discuss the characteristics of password-based authentication and several additional authentication modes that can be used to supplement passwords, the threats addressed (and not addressed) by each, and how best to build a comprehensive authentication solution that meets both the application’s and users’ needs.

About the Event

The lecture is free of charge, and registration is not required. It is intended for the audience with basic knowledge of the topic.

Event type
Jim Fenton
March 25, 2019, 19:00–20:30
Auditorium T9:107, New Building CTU
Thákurova 9, Prague 6
Is going to be recorded

About the Lecturer

Jim Fenton – profile

Jim Fenton is an independent consultant and researcher with a focus on user-centric identity, Internet privacy, and security issues. Most recently, Jim was a co-editor of a major revision to the “NIST Special Publication 800-63 Digital Identity Guidelines” standards suite and was lead editor for the “Authentication and Lifecycle Management” volume.

Jim is a contributor to several open-source projects. He is also a participant in the Internet Engineering Task Force (IETF) and is also an advisor to Disconnect, Inc., a maker of Internet privacy tools.

Jim was previously the Chief Security Officer for OneID service, a provider of next-generation identity and authentication products and services. Before that, he was the Distinguished Engineer in the Corporate Development Technology Group at Cisco. He has bachelor and master degrees from the Massachusetts Institute of Technology.

Lecture series: FIT Informatics Evenings
Previous lecture: dreamBIG with Tomáš Mikolov (in Czech)
Next lecture: Strasti a slasti dvou verzí Angularu v jednom systému (in Czech)
Lecturer: Jim Fenton
Video recording: Audiovisual Centre of CTU Students
Person responsible for the content of this page
Bc. Veronika Dvořáková, veronika.dvorakova@fit.cvut.czPR Officer

Last modified: 27.3.2019, 17:06