FIDO Passkeys - The Future without Passwords!
Niko Köbler
May 11, 2023
Transcript
FIDO PASSKEYS
ABOUT ME
▸ Independent Consultant/Architect/Developer/Trainer
▸ Doing stuff with & without Computers, Software, > 25 yrs
▸ "Mr. Keycloak" > 9 yrs (since 1.x)
▸ Co-Lead of JUG DA (https://www.jug-da.de / @JUG_DA)
▸ Author of „Serverless Computing in AWS Cloud“ serverlessbuch.de
▸ Web: www.n-k.de / Social: @dasniko
▸ YouTube: youtube.com/@dasniko
https://www.socreatory.com/de/trainings/keycloak?ref=niko
FIDO Passkeys PASSWORD
FIDO Passkeys https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)
FIDO Passkeys https://xkcd.com/936/
FIDO Passkeys PASSWORD
FIDO Passkeys MFA?
FIDO PASSKEYS FIDO: FAST IDENTITY ONLINE (FIDOALLIANCE.ORG)
Consortium of Major Global Players in Information Technology with the Aim to make the Internet more Secure and easier to use.
Simpler, Stronger Authentication: Solving the World’s Password Problem
FIDO Passkeys PASSKEYS
FIDO PASSKEYS Login as usual with Your Username on a Website or in a Mobile-App.
FIDO PASSKEYS If the Website supports Passkeys, the Browser requests you to use them.
FIDO PASSKEYS Select the Passkey to use and Authenticate yourself using a biometric or a security key.
FIDO PASSKEYS That’s it! You are successfully logged in!
FIDO Passkeys PASSKEYS WEBAUTHN STANDARD PUBLIC-PRIVATE KEY PAIRS
FIDO Passkeys DEMO…
FIDO PASSKEYS Identity Provider
FIDO PASSKEYS Identity Provider LOGIN REQUEST
FIDO PASSKEYS Identity Provider CHALLENGE RESP.
FIDO PASSKEYS Identity Provider PRIV
FIDO PASSKEYS Identity Provider PRIV SIGNED ANSWER
FIDO PASSKEYS Identity Provider PRIV PUB
FIDO PASSKEYS Identity Provider USER SPECIFIC DATA
FIDO PASSKEYS REGISTRATION OF PASSKEYS
FIDO PASSKEYS Identity Provider
FIDO PASSKEYS Identity Provider REGISTRATION REQUEST
FIDO PASSKEYS Identity Provider CONDITIONS FOR KEY GENERATION
FIDO PASSKEYS Identity Provider PRIV PUB
FIDO PASSKEYS Identity Provider PRIV PUB SEND PUBLIC KEY
FIDO PASSKEYS Identity Provider REGISTRATION FINISHED PUB
FIDO PASSKEYS ADVANTAGES OF PASSKEYS
FIDO PASSKEYS 1. EVERY PASSKEY IS BOUND TO A DOMAIN: No Phishing Possible. Different PASSKEY for every Website By Design.
FIDO PASSKEYS 2. NO MORE STRUGGLE WITH COMPLEX PASSWORD-RULES: Complex and unique passkeys by design. No need to remember anything.
FIDO PASSKEYS 3. PASSKEYS ARE ALREADY KIND OF MULTI-FACTOR: Ownership, Inherence, Knowledge
FIDO PASSKEYS 4. NO TRANSMISSION OF PERSONAL AND PRIVATE DATA: Neither private Key, nor biometric data. Thus, public keys can be saved unencrypted.
FIDO PASSKEYS (5.) NO EXPLICIT USAGE OF USERNAMES NECESSARY: Discoverable Credentials (formerly "Resident Keys")
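Added example (not from the slides): a simplified Node.js model of the registration and challenge / signed-answer flow shown above, and of why a passkey bound to a domain gives a look-alike site nothing to sign with. It is not the real WebAuthn wire format; the class and function names, the login.example identity provider and the look-alike origin are constructed for illustration.

```javascript
const nodeCrypto = require("crypto");
const sha256 = (data) => nodeCrypto.createHash("sha256").update(data).digest();
// Simplified stand-in for the signed bytes: rpId hash + client data hash (flags, counter omitted).
const signedBytes = (rpId, clientDataJSON) => Buffer.concat([sha256(rpId), sha256(clientDataJSON)]);

// Authenticator: one key pair per relying-party ID (domain); the private key never leaves it.
class Authenticator {
  constructor() { this.keys = new Map(); }
  register(rpId) {
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
    this.keys.set(rpId, privateKey);
    return publicKey; // "SEND PUBLIC KEY": the only thing the identity provider stores
  }
  sign(rpId, clientDataJSON) {
    const privateKey = this.keys.get(rpId);
    if (!privateKey) return null; // no passkey exists for this domain
    return nodeCrypto.sign("sha256", signedBytes(rpId, clientDataJSON), privateKey);
  }
}

// Browser: takes origin and rpId from the page actually visited, not from what the page claims.
function browserGetAssertion(authenticator, visitedOrigin, challenge) {
  const rpId = new URL(visitedOrigin).hostname;
  const clientDataJSON = JSON.stringify({ type: "webauthn.get", challenge, origin: visitedOrigin });
  const signature = authenticator.sign(rpId, clientDataJSON);
  return signature ? { clientDataJSON, signature } : null;
}

// Identity provider: checks type, origin and its own fresh challenge, then the signature.
function verifyAssertion(rp, publicKey, expectedChallenge, assertion) {
  if (!assertion) return false;
  const clientData = JSON.parse(assertion.clientDataJSON);
  if (clientData.type !== "webauthn.get" || clientData.origin !== rp.origin) return false;
  if (clientData.challenge !== expectedChallenge) return false;
  return nodeCrypto.verify("sha256", signedBytes(rp.id, assertion.clientDataJSON), publicKey, assertion.signature);
}

function demo() {
  const rp = { id: "login.example", origin: "https://login.example" }; // constructed values
  const device = new Authenticator();
  const storedPublicKey = device.register(rp.id);
  const challenge = nodeCrypto.randomBytes(32).toString("hex");
  const good = browserGetAssertion(device, rp.origin, challenge);
  const lookAlike = browserGetAssertion(device, "https://login.example.evil.test", challenge);
  const nextChallenge = nodeCrypto.randomBytes(32).toString("hex");
  return {
    legit: verifyAssertion(rp, storedPublicKey, challenge, good),
    lookAlike: verifyAssertion(rp, storedPublicKey, challenge, lookAlike),
    replay: verifyAssertion(rp, storedPublicKey, nextChallenge, good),
  };
}
```

demo() returns legit: true, lookAlike: false and replay: false. The replay case fails because the identity provider compares the signed challenge against the one it just issued.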
FIDO Passkeys CTAP2 Client To Authenticator Protocol
FIDO Passkeys FIDO:/0835849654370320632569583877928987334052173049980161 6722038811686437501386620745218491891905310830006741238072 3814609350077472607493802861175815053378306107096654083332 https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#sctn-hybrid
FIDO PASSKEYS MIXED ENVIRONMENTS
➡ Use External Device (QR-Code / CTAP)
➡ Hardware Security Keys (e.g. YubiKey)
➡ Password Manager
FIDO PASSKEYS WHERE AND WHEN TO USE?
FIDO PASSKEYS WHERE AND WHEN TO USE? https://passkeys.dev/device-support/ (07/2024)
FIDO PASSKEYS DEV RESOURCES ➡ https://fidoalliance.org ➡ https://passkeys.dev
Text https://www.informatik-aktuell.de/betrieb/sicherheit/fido-passkeys-in-zukunft-ohne-passwort.html
THANK YOU. ANY QUESTIONS? Slides: https://speakerdeck.com/dasniko NIKO KÖBLER | www.n-k.de | @dasniko