SecAppDev 2024 lecture details
Passkeys: the future of user authentication
This session explores passkeys as a replacement for complex multi-factor authentication, covering user and developer perspectives and the technical details of passkeys.
Wednesday June 5th, 11:00 - 12:30
Room Lemaire
Abstract
User authentication has been a mess for ages. Attempts to fix it by adding more authentication factors might work, but are quite complex. But what if there's a world where we can replace this insecure first factor with a single strong authentication mechanism? That's what passkeys promise to do!
This session will dive head-first into passkeys. We not only explore passkeys from a user's perspective and a developer's perspective, but we also look at the mechanics under the hood. By the end of this session, you will understand how passkeys work and will know how to use them in your applications.
Key takeaway
Passkeys offer strong user authentication across platforms, with a fully integrated browser UI.
Content level
Advanced
Target audience
Developers, architects, and end users
Prerequisites
None.
Join us for SecAppDev. You will not regret it!
Philippe De Ryck
Security Expert, Pragmatic Web Security
Expertise: Web security, API security, OAuth 2.0, OpenID Connect
Related lectures
Supercharging OAuth 2.0 security
Advanced lecture by Philippe De Ryck in room Lemaire
Tuesday June 4th, 16:00 - 17:30
Discover how to apply OAuth 2.0 in high-security scenarios, exploring its latest security enhancements. Learn about advanced features like Resource Indicators, JAR, PAR, and DPoP, gaining the knowledge to implement OAuth 2.0 securely.
Key takeaway: OAuth 2.0 offers various new security enhancements, including Resource Indicators, JAR, PAR, and DPoP, designed for high-security environments.
An open source WAF in a high security setting
Introductory lecture by Christian Folini in room West Wing
Wednesday June 5th, 09:00 - 10:30
Introduction to WAFs, a highly commercial market with a dominant open source offering, crazy incentives of WAF vendors, the history of online voting in Switzerland, the 2019 disaster and the ray of hope cast by the WAF.
Key takeaway: Basic understanding of web application firewalls, their use cases and their limits.
Practical cryptography with Tink
Deep-dive lecture by Neil Madden in room West Wing
Monday June 3rd, 16:00 - 17:30
Learn how to translate cryptography know-how into robust working code that is easy to review. Avoid common implementation pitfalls by learning how to use the modern Tink cryptographic library.
Key takeaway: Learn how to use Tink to implement cryptographic features and protocols in a robust manner.