the twelve-factor authentication

no i did not want this, i wanted gif industries

introduction

in the modern era, software is commonly delivered as a service: called web apps, or software-as-a-service. but how to protect it against hackers? simple: by using the twelve-factor authentication.

the twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).

background

hackers are hiding behind firewalls and weilding sigh-bear weapons of mass distraction. this is very bad.

how to protect yourself?

you need many factors to protect. exactly 12 in fact.

who should read this document?

everybody in the goddamn fucking world!, etc.

the twelve factors

I. cryptography

this ciphertext is a plain in the aes. just going to wait until you unlock your device then take it!

but

you can prevent this from happening! do not use your device! ever again

II. fingerprints

this is another factor. when you touch stuff it gets all smudged. and they will know who you are.

remember

police will never help you

III. firewalls

those firewalls are really not that fireproof

i found a race condition in one of your logic gates and just waltzed

right into your computer

IV. art

what even is real? this is a familiar question, and when you buy expensive art that answers it, you need to be absolutely sure that it is a real banksy and not some knock-off that somebody made with a stencil

V. openssl

it had the most stars on github

my buffers overflowed with joy

VI. abusive relationships

let's get real for a second

your security design better help people in abusive relationships

because guess what, surveillance is not only done by three letter agencies

VII. the last supper

that pic by leonardo, the vinci, jesus had 12 factors and they all sit on the same side of the rainbow table

VIII. putting a sticker over your laptop camera

but forgetting to do the same for your phone

IX. disposability

dumpster diving is a thing. when you throw secret things in the trash make sure you burn them to ashes first.

X. time-based one-time password

i found a time machine

it's called ntp

XI. the data center

my other computer is a datacenter

in the clouds

and it is also your other computer

that belongs to amazon or google

XII. your ego

feeling insecure?

no reason to be a douchebag