Navigating Passwordless Authentication with FIDO2 & WebAuthn

Explore the future of authentication in this 33-minute conference talk from BSidesSF 2019. Delve into the world of passwordless authentication using FIDO2 and WebAuthn standards, and discover how YubiKeys are revolutionizing secure access. Learn about the shortcomings of traditional password-based systems and the urgent need for more robust authentication methods in the face of frequent data breaches. Gain insights into how major organizations like Microsoft have implemented these standards for a truly passwordless experience. Understand the components of a modern, flexible security architecture built on FIDO open standards and hardware authenticators. The talk covers multifactor authentication, credential breaches, supported devices, and includes a live demo. Explore the seamless user experience, basic commands, and the registration API. Address common pitfalls and learn how to effectively eliminate passwords in your organization's security infrastructure.

Intro
Multifactor
Credential Breach
Open Standards
Supported Devices
Demo
Seamless Experience
Basic Commands
Registration API
QA
Internal Authenticator
Common pitfalls
Getting rid of passwords