Passkeys are the latest version of an advanced web-based authentication, WebAuthn. Reducing the risk of phishing and data breaches, passkeys can be a great answer to the problem of passwords and two-factor authentication systems.
What Are Passkeys?
Passkeys are a form of public/private cryptography used for authentication. With passkeys, a user’s browser (or hardware token) generates a public/private key pair for each web application. The web application is responsible for storing the public key in its authentication store, while the user’s browser stashes the private key away. The passkey store is locked up with its own authentication system, typically a biometric such as a fingerprint, face or retina ID. Passkeys have all of the advantages of encrypted public key infrastructure with digital certificates, without the trouble of managing certificate authorities and certificate policies.
Click the banner to learn how IAM solutions protect complex higher ed IT ecosystems.
Will Passkeys Work with Our Central Directory for Authentication?
Yes and no. Passkeys are unique to each web application and never shared across applications; this is a feature that reduces phishing because a passkey won’t work except on the site for which it was generated. You can store the multiple public keys in a central directory for your own web applications, or they can be distributed into each different web application. If you choose to put them in a central directory, you’ll have to make significant changes to handle the additional per-user storage and create business logic for things such as authentication resets.
How Hard Is It to Modify My Applications to Support Passkeys?
It’s harder than you might think, but it is possible. Passkeys are not just another authentication method; the user interface and user experience are very different, the standard is hard to read, device support varies significantly, and detecting whether a user has set up a passkey and it’s available in the device being used can be difficult. Your developers will be able to do it, but it’s not going to happen overnight.
What Do I Do About Apps or Devices That I Don’t Want to Touch?
A whole industry of privileged access management products has popped up to solve the problem of legacy and nonweb applications. Some of these products support passkeys. And, if you’re not using PAM for network and IT infrastructure already, now’s the time to start with passkeys for user authentication.
RELATED: What is role-based access control and how does it fit in a zero-trust model?
How Do Passkeys Fit in With Federated Identity?
Because these technologies do different but overlapping things, you can choose to take advantage of the best aspects of both. Passkeys are more secure than passwords or multifactor authentication, so they’re especially appropriate for high-risk/high-value applications. You can also use passkeys for the authentication to your federated identity system. You’ll give up some of the security and phishing protection, but you can get started with passkeys and realize immediate security gains by eliminating passwords and MFA costs.
Source link
#Passkeys #University
Unlock the potential of cutting-edge AI solutions with our comprehensive offerings. As a leading provider in the AI landscape, we harness the power of artificial intelligence to revolutionize industries. From machine learning and data analytics to natural language processing and computer vision, our AI solutions are designed to enhance efficiency and drive innovation. Explore the limitless possibilities of AI-driven insights and automation that propel your business forward. With a commitment to staying at the forefront of the rapidly evolving AI market, we deliver tailored solutions that meet your specific needs. Join us on the forefront of technological advancement, and let AI redefine the way you operate and succeed in a competitive landscape. Embrace the future with AI excellence, where possibilities are limitless, and competition is surpassed.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25703800/247350_CMBF_PACKAGE_ART_CVirginia_LEDE_2040x1360.jpg?w=150&resize=150,150&ssl=1 "The Verge’s guide to Black Friday 2024")
