Last week I had a chance to speak at Sunshine PHP about Identity and Data Security in PHP. This was a dive into the fundamentals of protecting user identity through password security, and diving into different ways to protect data as it’s being transmitted, both through secure and insecure channels.
Within the talk, I cover several topics in the space:
- Password Security (attack vectors, salting / peppering, hashing methods).
- Ideal data security (SSL/TLS and how to set up your own self-signed certificate).
- Insecure channel security using Symmetric cryptography (shared secret key) and Asymmetric cryptography (public / private keys).
The screencast of the session is available below:
If you’re just looking for the slides, you can find below:
More information on this subject can be found in our upcoming book, Identity and Data Security for Web Development.