Explore the future of authentication in this conference talk from Global AppSec Dublin. Delve into the current state of authentication, its challenges, and the promising solution of knowledge-based authentication reduction. Examine the WebAuthn architecture, including registration and authentication ceremonies, and discover the three variations of WebAuthn implementation. Address usability concerns and learn about improvements in the login process, including synced and cross-device usage of passkeys. Gain insights into how passkeys represent a significant advancement towards a passwordless future and walk away with key takeaways to enhance your understanding of modern authentication methods.
Passwordless Future: Using WebAuthn and Passkeys in Practice
Overview
Syllabus
Intro
Status quo of authentication
Problems with the status quo
Solution: Less knowledge-based authentication
Architecture
The two WebAuthn Ceremonies
Registration ceremony
Authentication ceremony
Three flavours of WebAuthn
Usability problems with WebAuthn
Improved usability in login process
Synced
Cross-device usage of passkeys
Passkeys are the next step on the long road to passwordless
Takeaways
Taught by
OWASP Foundation
