See slides in pdf file here: https://github.com/yacekmm/LoginApiSecurity/blob/master/Login%20Security.pdf
All recordings from presentations on conferences are listed on my blog: https://wp.me/p1ZhsT-H0
A real life story for backend developers about the game of cat and mouse with hackers. They know passwords of my users and they make use of that knowledge. But I know that they know. And where from they know it. Do I know who they are? Yes - I'll show you how.
They also know passwords of your users. And they will come to you. For sure we care a lot about the complex business logic we build. Login endpoints, well, are just a tiny piece of it, however, critical. Do you monitor them? Let me show you how my login endpoints are attacked, so that you are prepared.
I'll show you those attacks - the traffic patterns, data they had, how they did it, why they did it and what they achieved. Also what we did with this knowledge and how the culture is important in such moments. I will show you a lot - maybe even too much. In an open manner - exactly how security should be treated in serious systems. We speak too few about security.