Could Passwordless Authentication Be Worse Than Passwords?

Explore the potential risks and vulnerabilities of passwordless authentication technologies in this 34-minute conference talk from BSidesLV. Delve into the increasing adoption of passwordless solutions by major tech companies and examine the misconception that these technologies are impenetrable. Discover real-world security risks associated with faulty implementations of passwordless authentication in web applications, and learn how compromised passwordless systems can potentially lead to more severe breaches than traditional password-based methods. Gain insights into best practices for developers integrating WebAuthn, and receive valuable recommendations for pentesters, enterprises, and end-users to enhance security in passwordless environments.

PW - Could Passwordless be Worse than Passwords?