This repository has been archived on 2024-11-13. You can view files and clone it, but cannot push or open issues or pull requests.
fediversity_website/content/evenementen/nluug/najaarsconferentie-2022/talks/joost-van-dijk-from-passwords-to-passkeys-whats-new-with-fido.md
2023-07-04 09:22:47 +02:00

1.7 KiB

categories date description layout slug tags title speakers presentation recording
2022-11-29T20:31:43+02:00 event-talk Joost van Dijk - From passwords to passkeys: what's new with FIDO?
joost-van-dijk
filename
2022-11-29-joost-van-dijk-from-passwords-to-passkeys-whats-new-with-fido.pdf
platform url
youtube https://www.youtube.com/watch?v=z4T5P_LpN3E

Abstract

Recent additions to FIDO and W3C standards enable mass adoption of passwordless authentication. Browser and platform vendors like Apple, Google, and Microsoft have started to implement support for these additions, enabling websites and other relying parties to further transition away from passwords to cryptographically secure passkeys.

In this talk, we will discuss what these new additions are, and how they can help with replacing passwords. Along the way, we will answer questions like the following:

  • What are passkeys or discoverable credentials? What are multi-device credentials, how are they different from single-device credentials, and what problem are they solving?
  • Should I allow multi-device credentials on my website? How can I tell if a user logs in using a multi-device credential? How can device attestation and the FIDO metadata service help me distinguish different levels of authentication strength?
  • How do I migrate from passwords to passkeys? What is WebAuthn Conditional Mediation and why would I need it?
  • What is Hybrid transport and how does it allow me to use my phone as an authenticator?

Biography

Joost van Dijk is a developer advocate at Yubico. He focuses on securing digital identities and accelerating the adoption of open source authentication standards as part of Yubico's developer program.