Passwords suck, and multi-factor authentication is hip: everyone wants to use it. But most methods rely on some kind of generated one-time passcode, which is as vulnerable to phishing as the passwords it should help protect. Other possible factors, like app-based authentication, bring similar design flaws to the table.
A good alternative to insecure factors is the FIDO2 standard, also sometimes referred to as WebAuthn, and its latest addition, passkeys.
This presentation will demonstrate the functionality of FIDO2/WebAuthn and compare it to other possible (multiple) factors. It will also demo setup and some basic configuration.
Special emphasis will be placed on passwordless authentication and the benefits and drawbacks of passkeys.
slides: https://gitlab.com/cy4n/talk-webauthn-pub/-/blob/main/webauthn_CCCamp23.pdf
video: https://media.ccc.de/v/camp2023-57174-fido2