Every day we learn about a new data breach that has exposed our private personal information, including usernames and passwords, to malicious attackers. As more and more breaches happen, including the breach that happened at LastPass last August, it is becoming increasingly evident that using the traditional username/password combo isn’t working. With less than 30% of people actually using two-factor authentication to protect their personal logins from being exploited, information security has an authentication problem.
Luckily, we have something on the immediate horizon to help us. That is passkeys. Based on the WebAuthn standard, passkeys are based on Public Key Cryptography, a technology that has been used since the 1970s to keep authenticate and protect sensitive information.
Lax security can affect our WordPress sites, but also our social media, our bank accounts, and so much more. Offering better authentication with passkeys to our eCommerce, membership and other users reduces friction and makes logging in easier. It protects against brute force attacks as well as phishing attempts making security stronger across the board.
In this talk, we’ll walk through what passkeys are, show you how they work with a couple of different implementations, and show you where and how you can get started with passkeys. If you’re a developer looking to implement passkeys in your project, we’ll even show you where you can get started with code samples and support from the security community.