FIDO Passkeys - The Future without Passwords!
Niko Köbler
May 11, 2023
Transcript
FIDO PASSKEYS
ABOUT ME ▸ Independent Consultant/Architect/Developer/Trainer ▸ Doing stuff with & without Computers, Software, > 25 yrs ▸ "Mr. Keycloak" > 9 yrs (since 1.x) ▸ Co-Lead of JUG DA (https://www.jug-da.de / @JUG_DA) ▸ Author of „Serverless Computing in AWS Cloud“ serverlessbuch.de ▸ Web: www.n-k.de / Social: @dasniko ▸ YouTube: youtube.com/@dasniko
https://www.socreatory.com/de/trainings/keycloak?ref=niko
FIDO Passkeys PASSWORD
FIDO Passkeys https://www.safetydetectives.com/blog/the-most-hacked-passwords-in-the-world/ (05/2023)
FIDO Passkeys https://xkcd.com/936/
FIDO Passkeys PASSWORD
FIDO Passkeys MFA?
FIDO PASSKEYS FIDO: FAST IDENTITY ONLINE (FIDOALLIANCE.ORG)
FIDO PASSKEYS Consortium of Major Global Players in Information Technology with the Aim of making the Internet more Secure and easier to use.
FIDO PASSKEYS Simpler, Stronger Authentication: Solving the World’s Password Problem
FIDO Passkeys PASSKEYS
FIDO PASSKEYS Login as usual with Your Username on a Website or in a Mobile App.
FIDO PASSKEYS If the Website supports Passkeys, the Browser requests you to use them.
FIDO PASSKEYS Select the Passkey to use and Authenticate yourself using a biometric or a security key.
FIDO PASSKEYS That’s it! You are successfully logged in!
FIDO Passkeys PASSKEYS WEBAUTHN STANDARD PUBLIC-PRIVATE KEY PAIRS
FIDO Passkeys DEMO…
FIDO PASSKEYS [Diagram: login against an Identity Provider. Labels in order of appearance: LOGIN REQUEST, CHALLENGE RESP., PRIV, SIGNED ANSWER, PRIV / PUB, USER SPECIFIC DATA]
FIDO PASSKEYS REGISTRATION OF PASSKEYS
FIDO PASSKEYS [Diagram: registration at an Identity Provider. Labels in order of appearance: REGISTRATION REQUEST, CONDITIONS FOR KEY GENERATION, PRIV / PUB, SEND PUBLIC KEY, REGISTRATION FINISHED (PUB)]
FIDO PASSKEYS ADVANTAGES OF PASSKEYS
FIDO PASSKEYS 1. EVERY PASSKEY IS BOUND TO A DOMAIN: No Phishing Possible. Different PASSKEY for every Website By Design.
FIDO PASSKEYS 2. NO MORE STRUGGLE WITH COMPLEX PASSWORD-RULES: Complex and unique passkeys by design. No need to remember anything.
FIDO PASSKEYS 3. PASSKEYS ARE ALREADY KIND OF MULTI-FACTOR: Ownership, Inherence, Knowledge
FIDO PASSKEYS 4. NO TRANSMISSION OF PERSONAL AND PRIVATE DATA: Neither private Key, nor biometric data. Thus, public keys can be saved unencrypted.
FIDO PASSKEYS (5.) NO EXPLICIT USAGE OF USERNAMES NECESSARY: Discoverable Credentials (formerly "Resident Keys")
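The registration and login flows and the domain binding from advantage 1, as an added Node.js sketch that is not part of the original slides: the identity provider stores only the public key, issues a random challenge, and accepts the signed answer only if challenge, origin, RP ID hash and signature all check out. The names `idp.example`, `register`, `signAssertion` and `verifyAssertion` are assumptions, and the encoding is simplified (no CBOR/COSE, attestation or counter checks; RP ID is taken to equal the host name).

```javascript
const crypto = require('node:crypto');
const sha256 = (d) => crypto.createHash('sha256').update(d).digest();

// Assumed relying-party values for this sketch (placeholders).
const RP_ID = 'idp.example';
const ORIGIN = 'https://idp.example';

// Registration: the key pair is generated on the device; the server keeps only the public key.
function register() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { privateKey, publicKey };
}

// Server: a fresh random challenge for every login request.
const newChallenge = () => crypto.randomBytes(32).toString('base64url');

// Browser + authenticator: sign authenticatorData || SHA-256(clientDataJSON).
// The origin is recorded by the browser, not chosen by the page.
function signAssertion(privateKey, challenge, origin) {
  const clientDataJSON = Buffer.from(JSON.stringify({ type: 'webauthn.get', challenge, origin }));
  const authData = Buffer.concat([
    sha256(new URL(origin).hostname), // rpIdHash (simplified: RP ID = host)
    Buffer.from([0x05]),              // flags: user present + user verified
    Buffer.alloc(4),                  // signature counter, fixed at 0 here
  ]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: crypto.sign('sha256', signed, privateKey) };
}

// Server: returns 'ok' or the name of the first check that failed.
function verifyAssertion(publicKey, expectedChallenge, a) {
  const c = JSON.parse(a.clientDataJSON.toString('utf8'));
  if (c.type !== 'webauthn.get') return 'type';
  if (c.challenge !== expectedChallenge) return 'challenge';       // replayed or stale answer
  if (c.origin !== ORIGIN) return 'origin';                        // answer produced on another site
  if (!a.authData.subarray(0, 32).equals(sha256(RP_ID))) return 'rpIdHash';
  if ((a.authData[32] & 0x01) === 0) return 'userPresent';
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  return crypto.verify('sha256', signed, publicKey, a.signature) ? 'ok' : 'signature';
}
```

In a real deployment the browser additionally refuses to offer a passkey whose RP ID does not match the page's domain, so the server-side origin check is the second of two barriers.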
FIDO Passkeys *)
FIDO Passkeys CTAP2 Client To Authenticator Protocol
FIDO Passkeys FIDO:/0835849654370320632569583877928987334052173049980161 6722038811686437501386620745218491891905310830006741238072 3814609350077472607493802861175815053378306107096654083332 https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#sctn-hybrid
FIDO PASSKEYS MIXED ENVIRONMENTS ➡ Use External Device (QR-Code / CTAP) ➡ Hardware Security Keys (e.g. YubiKey) ➡ Password Manager
FIDO PASSKEYS WHERE AND WHEN TO USE?
FIDO PASSKEYS WHERE AND WHEN TO USE? https://passkeys.dev/device-support/ (07/2024)
FIDO PASSKEYS DEV RESOURCES ➡ https://fidoalliance.org ➡ https://passkeys.dev
https://www.informatik-aktuell.de/betrieb/sicherheit/fido-passkeys-in-zukunft-ohne-passwort.html
FIDO Passkeys THANK YOU. ANY QUESTIONS? Slides: https://speakerdeck.com/dasniko NIKO KÖBLER | www.n-k.de | [email protected] | @dasniko