In cyber security we had and still have a lot of trouble with passwords. They are, as a single factor, insecure or difficult to remember and overall inconvenient. While password managers solve some part of this problem, widespread adoption in the enterprise is not available. In the end nobody loves passwords, except hackers 😜

But 2024 is the year the password dies! At least we hope so.

In this talk we want to show you how passkeys can replace not only the password but phishable MFA factors as well.

We will delve in the basic´s behind passkeys, explain the technology that makes them so secure but also what different kind of passkeys there are.

In this session we will focus on how passkeys fit into Microsoft Entra IDs ecosystem, our favorite identity provider, but many aspects are applicable to other IdPs as well.

But where there is light, there is also shadows. We will discuss the risk some of the passkey implementations might hold for you as an enterprise and will show counter measures to mitigate or minimize this risk.

Let us all make 2024 the end of the password!

Level 200-300 ~45 minutes