FIDO Passkeys - The Future without Passwords!
Niko Köbler
May 11, 2023
Transcript
FIDO PASSKEYS
ABOUT ME
▸ Independent Consultant/Architect/Developer/Trainer
▸ Doing stuff with & without Computers, Software, > 25 yrs
▸ "Mr. Keycloak" > 9 yrs (since 1.x)
▸ Co-Lead of JUG DA (https://www.jug-da.de / @JUG_DA)
▸ Author of „Serverless Computing in AWS Cloud“ serverlessbuch.de
▸ Web: www.n-k.de / Social: @dasniko
▸ YouTube: youtube.com/@dasniko
https://www.socreatory.com/de/trainings/keycloak?ref=niko
PASSWORD
https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)
https://xkcd.com/936/
MFA?
FIDO: FAST IDENTITY ONLINE (FIDOALLIANCE.ORG)
Consortium of Major Global Players in Information Technology with the Aim to make the Internet more Secure and easier to use.
Simpler, Stronger Authentication
Solving the World’s Password Problem
PASSKEYS
Login as usual with Your Username on a Website or in a Mobile-App.
If the Website supports Passkeys, the Browser requests you to use them.
Select the Passkey to use and Authenticate yourself using a biometric or a security key.
That’s it! You are successfully logged in!
PASSKEYS: WEBAUTHN STANDARD, PUBLIC-PRIVATE KEY PAIRS
DEMO…
Login flow with the Identity Provider (diagram built up over several slides; labels in order of appearance):
LOGIN REQUEST
CHALLENGE RESP.
PRIV
SIGNED ANSWER
PRIV, PUB
USER SPECIFIC DATA
REGISTRATION OF PASSKEYS
Registration flow with the Identity Provider (diagram built up over several slides; labels in order of appearance):
REGISTRATION REQUEST
CONDITIONS FOR KEY GENERATION
PRIV, PUB
SEND PUBLIC KEY
REGISTRATION FINISHED, PUB
ADVANTAGES OF PASSKEYS
1. EVERY PASSKEY IS BOUND TO A DOMAIN
   No Phishing Possible. Different PASSKEY for every Website By Design.
2. NO MORE STRUGGLE WITH COMPLEX PASSWORD-RULES
   Complex and unique passkeys by design. No need to remember anything.
3. PASSKEYS ARE ALREADY KIND OF MULTI-FACTOR
   Ownership, Inherence, Knowledge
4. NO TRANSMISSION OF PERSONAL AND PRIVATE DATA
   Neither private Key, nor biometric data. Thus, public keys can be saved unencrypted.
(5.) NO EXPLICIT USAGE OF USERNAMES NECESSARY
   Discoverable Credentials (formerly "Resident Keys")
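Added example, not part of the original slides: Node.js code for the check the identity provider runs on the signed answer from the login flow, showing why a passkey bound to a domain resists phishing (advantage 1) and why a stored public key is enough (advantage 4). The authenticator is simulated with an in-process P-256 key; the names signAssertion, verifyAssertion and demo and the hosts idp.example and idp-example.test are constructed for illustration, while the field layout follows the WebAuthn standard the slides name.

```javascript
// Added example (not from the slides): identity-provider checks on a passkey login answer.
const crypto = require('node:crypto');
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Simulated browser + authenticator: the browser records the origin it is
// really on; the authenticator signs authenticatorData || SHA-256(clientDataJSON).
function signAssertion(privateKey, rpId, origin, challenge) {
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: 'webauthn.get', challenge: challenge.toString('base64url'), origin,
  }));
  // authenticatorData = rpIdHash (32 bytes) | flags (1) | signature counter (4)
  const flags = 0x01 | 0x04; // user present + user verified
  const authData = Buffer.concat([sha256(rpId), Buffer.from([flags]), Buffer.alloc(4)]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: crypto.sign('sha256', signed, privateKey) };
}

// Identity provider: needs only the public key stored at registration.
function verifyAssertion(assertion, expected, publicKey) {
  const client = JSON.parse(assertion.clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return 'wrong type';
  if (client.challenge !== expected.challenge.toString('base64url')) return 'challenge mismatch';
  if (client.origin !== expected.origin) return 'origin mismatch';
  if (!assertion.authData.subarray(0, 32).equals(sha256(expected.rpId))) return 'rpId mismatch';
  if ((assertion.authData[32] & 0x01) === 0) return 'user not present';
  const signed = Buffer.concat([assertion.authData, sha256(assertion.clientDataJSON)]);
  return crypto.verify('sha256', signed, publicKey, assertion.signature) ? 'ok' : 'bad signature';
}

// Constructed scenario; idp.example and the look-alike host are placeholders.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  const rp = { rpId: 'idp.example', origin: 'https://idp.example' };
  const login = { ...rp, challenge: crypto.randomBytes(32) };
  const good = signAssertion(privateKey, rp.rpId, rp.origin, login.challenge);
  // Same challenge relayed through a look-alike page: the browser reports that origin.
  const relayed = signAssertion(privateKey, 'idp-example.test', 'https://idp-example.test', login.challenge);
  // Flipping one byte of the signed data invalidates the signature.
  const tampered = { ...good, authData: Buffer.from(good.authData) };
  tampered.authData[36] ^= 0x01;
  return {
    genuine: verifyAssertion(good, login, publicKey),
    lookAlike: verifyAssertion(relayed, login, publicKey),
    replayed: verifyAssertion(good, { ...rp, challenge: crypto.randomBytes(32) }, publicKey),
    tampered: verifyAssertion(tampered, login, publicKey),
  };
}

console.log(demo());
```

With a real browser and authenticator, a passkey is not offered at all on a page from a different domain; the server-side origin and rpId checks shown here are the second line of defence.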
CTAP2: Client To Authenticator Protocol
FIDO:/0835849654370320632569583877928987334052173049980161 6722038811686437501386620745218491891905310830006741238072 3814609350077472607493802861175815053378306107096654083332
https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#sctn-hybrid
MIXED ENVIRONMENTS
➡ Use External Device (QR-Code / CTAP)
➡ Hardware Security Keys (e.g. YubiKey)
➡ Password Manager
WHERE AND WHEN TO USE?
https://passkeys.dev/device-support/ (07/2024)
DEV RESOURCES
➡ https://fidoalliance.org
➡ https://passkeys.dev
Text https://www.informatik-aktuell.de/betrieb/sicherheit/fido-passkeys-in-zukunft-ohne-passwort.html
THANK YOU. ANY QUESTIONS?
Slides: https://speakerdeck.com/dasniko
NIKO KÖBLER | www.n-k.de | [email protected] | @dasniko