Clemens Hübner

Passwordless future: WebAuthn and Passkeys in practice

What if you could build phishing-proof logins without passwords? Learn how WebAuthn and Passkeys make secure, cross-device authentication a practical reality for your users.

Passwordless future: WebAuthn and Passkeys in practice
#1about 3 minutes

The fundamental problems with password-based authentication

Passwords are hard for users to manage and insecure for developers to store, making them vulnerable to phishing and theft.

#2about 1 minute

Shifting to modern possession and biometric factors

The future of authentication moves away from what you know (passwords) to what you have (possession) and what you are (biometrics).

#3about 2 minutes

An overview of the WebAuthn JavaScript API

WebAuthn is a W3C standard and JavaScript API that enables passwordless authentication in web apps using modern cryptography.

#4about 2 minutes

Live demo of passwordless registration and login

A practical demonstration shows how a user can register and log in to a web application using a physical security key instead of a password.

#5about 4 minutes

How WebAuthn's registration and authentication ceremonies work

WebAuthn uses a registration ceremony to create a public-private key pair and an authentication ceremony to verify identity with a challenge-response process.

#6about 3 minutes

Understanding the history and browser support for WebAuthn

WebAuthn has been a W3C standard since 2019 and is now supported by over 95% of modern browsers across all major platforms.

#7about 3 minutes

Introducing Passkeys to solve WebAuthn's usability issues

Early WebAuthn adoption was slow due to usability challenges like managing physical keys and syncing credentials across multiple devices.

#8about 4 minutes

How Passkeys improve the user experience

Passkeys are WebAuthn credentials integrated into platform ecosystems like Apple ID and Google accounts, enabling seamless syncing and cross-device usage via QR codes.

#9about 3 minutes

The impact of Passkeys on passwordless adoption

The introduction of Passkeys by major platforms has significantly accelerated the adoption of passwordless authentication by improving usability and providing user education.

#10about 7 minutes

Answering key questions about Passkeys and WebAuthn

Common questions are addressed regarding credential recovery, phishing resistance, future-proofing against quantum computing, and usability for non-technical users.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Understanding the next generation of authentication with passkeys
17:18 MIN

Understanding the next generation of authentication with passkeys

Going Beyond Passwords: The Future of User Authentication

Exploring the user experience flaws in web authentication
00:29 MIN

Exploring the user experience flaws in web authentication

SSO with Ethereum and Next JS

Following accessibility guidelines for authentication flows
24:03 MIN

Following accessibility guidelines for authentication flows

The Cake Is a Lie... And So Is Your Login’s Accessibility

Understanding the vulnerabilities of password-based authentication
00:21 MIN

Understanding the vulnerabilities of password-based authentication

No More Post-its: Boost your login security with APIs

The inherent weaknesses and risks of traditional passwords
00:47 MIN

The inherent weaknesses and risks of traditional passwords

Going Beyond Passwords: The Future of User Authentication

Addressing security, privacy, and cross-browser concerns
36:58 MIN

Addressing security, privacy, and cross-browser concerns

Project Fugu: Progressive Web Apps, Superpowered

Applying cryptography and managing user sessions securely
58:36 MIN

Applying cryptography and managing user sessions securely

Software Security 101: Secure Coding Basics

How passwordless authentication with magic links works
08:54 MIN

How passwordless authentication with magic links works

Going Beyond Passwords: The Future of User Authentication

Featured Partners

Related Videos

See all videos
Going Beyond Passwords: The Future of User Authentication27:55

Going Beyond Passwords: The Future of User Authentication

Gift Egwuenu

Passwordless Web 1.530:21

Passwordless Web 1.5

Paweł Łukaszuk

Security in modern Web Applications - OWASP to the rescue!26:59

Security in modern Web Applications - OWASP to the rescue!

Jakub Andrzejewski

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Let’s write an exploit using AI21:01

Let’s write an exploit using AI

Julian Totzek-Hallhuber

Accelerating Authentication Architecture: Taking Passwordless to the Next Level49:52

Accelerating Authentication Architecture: Taking Passwordless to the Next Level

Yedidya Schwartz

No More Post-its: Boost your login security with APIs16:05

No More Post-its: Boost your login security with APIs

Alvaro Navarro

Programming secure C#/.NET Applications: Dos & Don'ts33:29

Programming secure C#/.NET Applications: Dos & Don'ts

Sebastian Leuer

From learning to earning

Jobs that call for the skills explored in this talk.