Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the critical security vulnerabilities and common misunderstandings surrounding HMAC (Hash-based Message Authentication Code) implementation in this 39-minute conference talk from BSidesLV's PasswordsCon. Delve into how HMAC is frequently misused in authentication systems, leading to serious security flaws that can compromise even mature, well-established systems. Examine real-world code demonstrations and detailed vulnerability breakdowns that illustrate how seemingly secure HMAC implementations can create dangerous security illusions. Learn to identify the subtle but critical mistakes that developers make when implementing HMAC-based authentication, understand why these errors occur so frequently across different systems, and discover practical techniques for spotting potential HMAC vulnerabilities during code review and security assessment. Gain actionable guidance on preventing these common pitfalls and implementing HMAC correctly to ensure genuine security rather than a false sense of protection.
