Upgrade to Pro — share decks privately, control downloads, hide ads and more …

FIDO Passkeys - The Future without Passwords!

Niko Köbler
May 11, 2023
Programming
0
140

FIDO Passkeys - The Future without Passwords!

Niko Köbler

May 11, 2023
Tweet

More Decks by Niko Köbler

See All by Niko Köbler
OAuth2, OIDC & JWT - Important Basics!
dasniko
0
260
Authentication in Web, API-based & Distributed Environments
dasniko
0
85
Cloud Native Serverless Java with Quarkus & GraalVM on AWS Lambda
dasniko
0
120
Serverless! But Multi-Cloud?
dasniko
0
140
Containers vs. Serverless 2019
dasniko
1
190
How Do You Authenticate..?
dasniko
1
120
Serverless Security
dasniko
0
200
Containers vs. Serverless
dasniko
2
370
Serverless code-build-run pipelines
dasniko
0
59

Other Decks in Programming

See All in Programming
Rubyでたのしむクリエイティブコーディング/Enjoy Creative coding with Ruby
chobishiba
1
160
try!Swift Tokyo 2024 参加報告 LT
akidon0000
1
180
What We Can Learn From OSS
inouehi
0
380
入門 AWS Amplify Gen2 / Introduction to AWS Amplify Gen2
genkiogasawara
1
300
Elm Form Validation
bkuhlmann
0
500
ログラスを支える設計標準について / loglass-design-standards
urmot
10
2.1k
デザインシステムで Tailwind CSSとCSS in JSに分散投資をしたら良かった話
fsubal
18
4.8k
Code Reviews
bkuhlmann
4
860
From Spring Boot 2 to Spring Boot 3 with Java 22 and Jakarta EE
ivargrimstad
0
830
Blue/Greenデプロイの導入による 運用フローの改善
kudoas
1
340
どうしてこうなった命名集 ~🔥編~ / OOC 2024 LT
pictiny
5
3.9k
CQRS/ES avec Symfony, c’est (trop) bien !
jeremyfreeagent
1
630

Featured

See All Featured
The Invisible Side of Design
smashingmag
293
49k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
352
28k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
8
8.3k
Learning to Love Humans: Emotional Interface Design
aarron
266
39k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
153
14k
Why Our Code Smells
bkeepers
PRO
331
56k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
1
1.3k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
75
41k
How to Ace a Technical Interview
jacobian
272
22k
What's in a price? How to price your products and services
michaelherold
237
11k
[RailsConf 2023] Rails as a piece of cake
palkan
22
3.9k
KATA
mclloyd
14
12k

Transcript

  1. FIDO PASSKEYS NIKO KÖBLER (@DASNIKO) KEYCLOAK-EXPERTE.DE

  2. Niko Köbler | keycloak-experte.de Keycloak IAM & SSO ABOUT ME

    ▸ Freelance Consultant/Architect/Developer/Trainer ▸ Doing stuff with & without Computers, Software, ~25 yrs ▸ "Mr. Keycloak" > 9 yrs (since 1.x) ▸ Co-Lead of JUG DA (https://www.jug-da.de / @JUG_DA) ▸ Author of „Serverless Computing in AWS Cloud“ serverlessbuch.de ▸ Web: www.n-k.de / Social: @dasniko ▸ YouTube: youtube.com/@dasniko

  3. https://www.socreatory.com/de/trainings/keycloak?ref=niko

  4. @DASNIKO FIDO PASSKEYS PASSWORD

  5. @DASNIKO FIDO PASSKEYS https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)

  6. @DASNIKO FIDO PASSKEYS https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)

  7. @DASNIKO FIDO PASSKEYS https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)

  8. @DASNIKO FIDO PASSKEYS https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)

  9. @DASNIKO FIDO PASSKEYS https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)

  10. @DASNIKO FIDO PASSKEYS https://xkcd.com/936/

  11. @DASNIKO FIDO PASSKEYS PASSWORD

  12. @DASNIKO FIDO PASSKEYS MFA?

  13. @DASNIKO Consortium of Major Global Players in Information Technology with

    the Aim to make the Internet more Secure and easier to use. FIDO PASSKEYS FIDO FAST IDENTITY ONLINE FIDOALLIANCE.ORG

  14. @DASNIKO FIDO PASSKEYS FIDO FAST IDENTITY ONLINE FIDOALLIANCE.ORG Simpler, Stronger

    Authentication Solving the World’s Password Problem

  15. @DASNIKO FIDO PASSKEYS PASSKEYS

  16. @DASNIKO FIDO PASSKEYS PASSKEYS

  17. @DASNIKO FIDO PASSKEYS PASSKEYS WEBAUTHN STANDARD PUBLIC-PRIVATE KEY PAIRS

  18. @DASNIKO FIDO PASSKEYS Identity Provider

  19. @DASNIKO FIDO PASSKEYS Identity Provider LOGIN REQUEST

  20. @DASNIKO FIDO PASSKEYS Identity Provider CHALLENGE RESP.

  21. @DASNIKO FIDO PASSKEYS Identity Provider PRIV

  22. @DASNIKO FIDO PASSKEYS Identity Provider PRIV

  23. @DASNIKO FIDO PASSKEYS Identity Provider PRIV SIGNED ANSWER

  24. @DASNIKO FIDO PASSKEYS Identity Provider PRIV PUB

  25. @DASNIKO USER SPECIFIC DATA FIDO PASSKEYS Identity Provider

  26. @DASNIKO FIDO PASSKEYS REGISTRATION OF PASSKEYS

  27. @DASNIKO FIDO PASSKEYS Identity Provider REGISTRATION REQUEST

  28. @DASNIKO FIDO PASSKEYS Identity Provider CONDITIONS FOR KEY GENERATION

  29. @DASNIKO FIDO PASSKEYS Identity Provider

  30. @DASNIKO FIDO PASSKEYS Identity Provider PRIV PUB

  31. @DASNIKO FIDO PASSKEYS Identity Provider PRIV PUB SEND PUBLIC KEY

  32. @DASNIKO FIDO PASSKEYS Identity Provider REGISTRATION FINISHED PUB

  33. @DASNIKO FIDO PASSKEYS ADVANTAGES OF PASSKEYS

  34. @DASNIKO FIDO PASSKEYS 1. EVERY PASSKEY IS BOUND TO A

    DOMAIN NO PHISHING POSSIBLE DIFFERENT PASSKEY FOR EVERY WEBSITE BY DESIGN

  35. @DASNIKO FIDO PASSKEYS 2. NO MORE STRUGGLE WITH COMPLEX PASSWORD-RULES

    COMPLEX AND UNIQUE PASSKEYS BY DESIGN NO NEED TO REMEMBER ANYTHING

  36. @DASNIKO FIDO PASSKEYS 3. PASSKEYS ARE ALREADY KIND OF MULTI-FACTOR

    OWNERSHIP INHERENCE KNOWLEDGE

  37. @DASNIKO FIDO PASSKEYS 4. NO TRANSMISSION OF PERSONAL AND PRIVATE

    DATA NEITHER PRIVATE KEY, NOR BIOMETRIC DATA THUS, PUBLIC KEYS CAN BE SAVED UNENCRYPTED

  38. @DASNIKO FIDO PASSKEYS (5.) NO EXPLICIT USAGE OF USERNAMES NECESSARY

    DISCOVERABLE CREDENTIALS RESIDENT KEYS

  39. @DASNIKO FIDO PASSKEYS *)

  40. @DASNIKO FIDO PASSKEYS CTAP2 CLIENT TO AUTHENTICATOR PROTOCOL

  41. @DASNIKO FIDO PASSKEYS

  42. @DASNIKO FIDO PASSKEYS FIDO:/0835849654370320632569583877928987334052173049980161 6722038811686437501386620745218491891905310830006741238072 3814609350077472607493802861175815053378306107096654083332 https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#sctn-hybrid

  43. @DASNIKO FIDO PASSKEYS MIXED ENVIRONMENTS

  44. @DASNIKO FIDO PASSKEYS MIXED ENVIRONMENTS ➡ USE EXTERNAL DEVICE (QR-CODE

    / CTAP) ➡ HARDWARE SECURITY KEYS (E.G. YUBIKEY) ➡ PASSWORD MANAGER

  45. @DASNIKO FIDO PASSKEYS WHERE AND WHEN TO USE?

  46. @DASNIKO FIDO PASSKEYS WHERE AND WHEN TO USE? https://passkeys.dev/device-support/ (01/2024)

  47. @DASNIKO FIDO PASSKEYS WHERE AND WHEN TO USE? https://passkeys.dev/device-support/ (01/2024)

  48. @DASNIKO FIDO PASSKEYS DEV RESOURCES ➡ HTTPS://FIDOALLIANCE.ORG ➡ HTTPS://PASSKEYS.DEV

  49. https://www.informatik-aktuell.de/betrieb/sicherheit/fido-passkeys-in-zukunft-ohne-passwort.html

  50. THANK YOU. ANY QUESTIONS? Slides: https://speakerdeck.com/dasniko Niko Köbler | www.n-k.de

    | [email protected] | @dasniko FIDO PASSKEYS