Passwords are bad. How can we replace them?
With WebAuthn, a promising option for passwordless authentication in web browsers was published in 2019, but was rarely adopted. Just until 2022, when both Google and Apple introduced the integration of WebAuthn in their identity systems, giving hope for further progress.
This session will explain the basics of WebAuthn and Passkeys and evaluate the state of adoption both on client and server side. It will then focus on the practical realization when developing a web application: How to build a passwordless authentication yourself? Which features make it easier or more difficult to use in web applications? What are the impressions from practical use? In the end, the talk will also shed a light on future developments in the WebAuthn environment.