Slide 1

Slide 1 text

Take your authentication beyond passwords
Pradheepa Pullanieswaran
Developer Advocate, Okta

Slide 2

Slide 2 text

Ready???

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

Agenda
1. Problems of Passwords
2. The Journey of Passwordless
3. Demo
4. Q&A

Slide 5

Slide 5 text

Authentication
- Username and Password
- Digital Identity of the user

Slide 6

Slide 6 text

Passwords… Are they secure?

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

● 80%: Passwords are the root cause of over 80% of data breaches.
● 90: Users have more than 90 online accounts.
● 51%: Up to 51% of passwords are reused.

Slide 9

Slide 9 text

Problem of Passwords
● Easily guessed and vulnerable to brute force attacks.
  ○ E.g. “password”
● Complex Passwords
  ○ E.g. “tYU&56jhfl!m”
  ○ Credential Stuffing
  ○ Sticky Note
● Multi-Factor Authentication
  ○ Phishing
  ○ SIM Swapping
  ○ User Friction & Less adapted
● Password Managers
  ○ ???

Slide 10

Slide 10 text

https://xkcd.com/936/

Slide 11

Slide 11 text

Passwords Evolution

Slide 12

Slide 12 text

"Passwords are like cockroaches of the internet and companies have been trying to kill them off for years."
- Merritt Maxim, Forrester Research

Slide 13

Slide 13 text

FIDO - Fast Identity Online
- Consortium of major global players like Apple, Microsoft, Amazon created in 2013 to solve the World's Password Problem.
- Working to change the nature of authentication with open standards.
- Striving to create credentials more secure than passwords and SMS OTPs, simpler for consumers to use, and easier for service providers to deploy and manage.

Slide 14

Slide 14 text

WebAuthn

Slide 15

Slide 15 text

WebAuthn
- Browser based API implementation of FIDO2 standard
- Global authentication standard based on public key cryptography instead of a password.

Slide 16

Slide 16 text

Public Key Cryptography
- Digitally Signed with Private Key
- Verified the message using the public key

Slide 17

Slide 17 text

No content

Slide 18

Slide 18 text

Registration using Passkeys

Slide 19

Slide 19 text

Registration using Passkeys
Create an account

Slide 20

Slide 20 text

Registration - Selecting the biometric
If the application supports passkeys, it prompts the user to register with a passkey.
Conditions for creating the passkeys:
- Username : Pradheepa
- rpId : www.webauthn.me
- challenge : we345yiom

Slide 21

Slide 21 text

Registration - Sending Public Key
Send Public key

Slide 22

Slide 22 text

Registration - Process Completed
Yay!!! You are in

Slide 23

Slide 23 text

Sign-In using Passkeys

Slide 24

Slide 24 text

Login - Initiating Login
Login request

Slide 25

Slide 25 text

Login - Choosing the passkeys
Server recognizes you already have passkeys
- Username : Pradheepa
- rpId : www.webauthn.me
- challenge : we345yire
Sign the challenge with your private key

Slide 26

Slide 26 text

Login - Sending the signed challenge
Signed Challenge
Verifying signed challenge with the public key

Slide 27

Slide 27 text

Login - Process Completed
Yay, You are verified.
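
The registration and sign-in exchange from slides 18 to 27, as an added example that is not part of the original deck: a simplified Node.js model of the authenticator and the server, showing which checks the server makes on the signed challenge. The function names, the flag and counter bytes, and the lookalike origin are assumptions made for illustration; real WebAuthn also uses CBOR/COSE encodings and a fuller browser-side rpId check that are omitted here.

```javascript
// Simplified WebAuthn-style sign-in; all names and sample values are constructed.
const crypto = require('node:crypto');
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Registration: the authenticator creates a key pair scoped to one rpId.
function createPasskey(rpId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { rpId, publicKey, privateKey }; // only publicKey is sent to the server
}

// Browser + authenticator: sign the challenge for the origin the user is really on.
function signAssertion(passkey, challenge, origin) {
  const host = new URL(origin).hostname;
  // Simplified rpId scoping: a passkey is never offered to a site outside its rpId.
  if (host !== passkey.rpId && !host.endsWith('.' + passkey.rpId)) return null;
  const clientDataJSON = Buffer.from(JSON.stringify({ type: 'webauthn.get', challenge, origin }));
  // authenticatorData: SHA-256(rpId) || flags (0x05 = user present + verified) || counter
  const authenticatorData = Buffer.concat([sha256(passkey.rpId), Buffer.from([0x05, 0, 0, 0, 1])]);
  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  return { clientDataJSON, authenticatorData, signature: crypto.sign('sha256', signed, passkey.privateKey) };
}

// Server (relying party): every check must pass before the user is logged in.
function verifyAssertion(assertion, expected, publicKey) {
  const clientData = JSON.parse(assertion.clientDataJSON.toString());
  if (clientData.type !== 'webauthn.get') return 'wrong type';
  if (clientData.challenge !== expected.challenge) return 'challenge mismatch';
  if (clientData.origin !== expected.origin) return 'origin mismatch';
  const rpIdHash = assertion.authenticatorData.subarray(0, 32);
  if (!rpIdHash.equals(sha256(expected.rpId))) return 'rpId mismatch';
  const signed = Buffer.concat([assertion.authenticatorData, sha256(assertion.clientDataJSON)]);
  return crypto.verify('sha256', signed, publicKey, assertion.signature) ? 'ok' : 'bad signature';
}

function demo() {
  const rpId = 'www.webauthn.me', origin = 'https://www.webauthn.me';
  const passkey = createPasskey(rpId);
  const challenge = crypto.randomBytes(32).toString('base64url'); // fresh for every login
  const assertion = signAssertion(passkey, challenge, origin);
  return {
    valid: verifyAssertion(assertion, { challenge, origin, rpId }, passkey.publicKey),
    // An old assertion presented against a newer challenge is rejected.
    replay: verifyAssertion(assertion, { challenge: 'a-newer-challenge', origin, rpId }, passkey.publicKey),
    // On a lookalike domain the passkey is simply not available to sign with.
    lookalike: signAssertion(passkey, challenge, 'https://www.webauthn.me.example'),
  };
}
console.log(demo());
```

The server stores only the public key from registration, so nothing it holds can be used to sign in elsewhere.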

Slide 28

Slide 28 text

Why Passkeys?

Slide 29

Slide 29 text

Every passkey is bound to a domain
○ Phishing Resistant
○ By design each website has one passkey

Slide 30

Slide 30 text

No more shared credentials
○ Attack on server is not interesting anymore
○ No stolen credentials, weak passwords, complex rules for passwords

Slide 31

Slide 31 text

Passkeys are - Highly Secure

Slide 32

Slide 32 text

No transmission of personal and private data
○ Only public key is shared.

Slide 33

Slide 33 text

Demo

Slide 34

Slide 34 text

No content

Slide 35

Slide 35 text

Zero Index Newsletter - Auth0 by Okta
https://a0.to/nl-signup

Slide 36

Slide 36 text

Wanted to try Auth0? - Free Tier is available

Slide 37

Slide 37 text

Resources
● FIDO2 Developer Primer: webauthn.guide
● FIDO2 Demo: webauthn.io, webauthn.me
● Python Code - https://github.com/duo-labs/webauthn.io
● https://nordpass.com/most-common-passwords-list/
● https://auth0.com/docs/quickstart/backend/python/01-authorization
● https://github.com/auth0/auth0-python

Slide 38

Slide 38 text

Feedback Please

Slide 39

Slide 39 text

Thank You !!!