Passkeys: A Shattered Dream (fy.blackhats.net.au)
Passkeys: A Shattered Dream (fy.blackhats.net.au)
Passkeys: A Shattered Dream (fy.blackhats.net.au)
Webauthn Attestation and OpenSource Keys (fy.blackhats.net.au) French
Webauthn (Passkeys) are only going to become more important in the future and as this grows, deployments with higher security risks and criticality are going to need to start to understand and embrace attestation of their keys....
How Hype Will Turn Your Security Key Into Junk (fy.blackhats.net.au)
In the last few months there has been a lot of hype about "passkeys" and how they are going to change authentication forever. But that hype will come at a cost....
How Hype (Passkeys) Will Turn Your Security Key Into Junk (fy.blackhats.net.au)
tl;dr: passkeys, as proposed now, will fill up existing fido2/webauthn authenticators if the feature becomes widespread enough. this is because the feature of “passkeys” actually refer to resident keys, which most authenticators today can only store a limited amount of (some, none at all!). preventing this will require...