Modern Workplace Authentication
Introduction to passkeys

What is a passkey?
A passkey is used for Password-less sign-in. It is a system generated digital credential based on modern cryptography tied to a user account and a specific website or application.
What is in a passkey?
A passkey is a collection of several pieces of information.

Where are passkeys stored?
passkeys are stored in an Authenticator(s)
A U T H E N T I C A T O R S

Sync (software) vs Platform (hardware)

Are passkeys more secure than passwords?

The challenges of migrating to passkeys?
❑ Today, the user account must be authenticated before the user can set up a passkey
❑ Most websites or applications maintain both the password authentication and passkey authentication (confusing)
❑ Some websites replace passwords with passkeys, still requiring MFA verification (e.g.: amazon.com)
❑ The passkey must either be in the device or within Bluetooth range (30ft) of the devices that you are using to log in
❑ There can be confusion about where passkeys are stored and used
❑ There can be confusion on the use and limitations of hardware vs sync passkeys
❑ Passkeys are in a transition period (2025)
How are passkeys created?

How to sign in with a passkey
The User
Authenticator
Browser
Website

Cross-Device Sign-in
With a passkey on devices that do not have a passkey
The User
Authenticator
Browser
Website

How can Data Perceptions assist:
-
Fitting passkeys into your security strategies
-
Planning for passkey implementation