Brief overview of passwords
What is FIDO2?
DEMO!
How does it work?
How to get started.
Why FIDO2?
Q & A
Invented by Fernando Corbato in the 1950s
Microsoft Security Intelligence Report 2019
Phising increased by 400% during '18 and reached 0.8% of all emails analyzed
Phisable (Ticket from our Support-system, last week)
of all hacking-related breaches leverage stolen or weak passwords.
(Source, Verizon)
Options, but you have to design and implement it yourself
Introducing...
www.passwordless.dev
On screen
Off Screen (Security Key)
We clicked a button in the browser
The Browser did something
We touched a USB stick
We were securely signed in
We used Fingerprint / FaceID
FIDO2 Flow
👍
Fast auth based on Public / Private key cryptography.
W3C Standards 👆
CTAP?????
NFC? WebAuthn?
Server is responsible for cryptographic verification.
Private Key never leaves your device.
No shared secret
Anonymity *can* be ensured.
github.com/abergs/fido2-net-lib
(17 contributors)