Clemens Hübner

Passwordless future: WebAuthn and Passkeys in practice

What if you could build phishing-proof logins without passwords? Learn how WebAuthn and Passkeys make secure, cross-device authentication a practical reality for your users.

Passwordless future: WebAuthn and Passkeys in practice
#1about 3 minutes

The fundamental problems with password-based authentication

Passwords are hard for users to manage and insecure for developers to store, making them vulnerable to phishing and theft.

#2about 1 minute

Shifting to modern possession and biometric factors

The future of authentication moves away from what you know (passwords) to what you have (possession) and what you are (biometrics).

#3about 2 minutes

An overview of the WebAuthn JavaScript API

WebAuthn is a W3C standard and JavaScript API that enables passwordless authentication in web apps using modern cryptography.

#4about 2 minutes

Live demo of passwordless registration and login

A practical demonstration shows how a user can register and log in to a web application using a physical security key instead of a password.

#5about 4 minutes

How WebAuthn's registration and authentication ceremonies work

WebAuthn uses a registration ceremony to create a public-private key pair and an authentication ceremony to verify identity with a challenge-response process.

#6about 3 minutes

Understanding the history and browser support for WebAuthn

WebAuthn has been a W3C standard since 2019 and is now supported by over 95% of modern browsers across all major platforms.

#7about 3 minutes

Introducing Passkeys to solve WebAuthn's usability issues

Early WebAuthn adoption was slow due to usability challenges like managing physical keys and syncing credentials across multiple devices.

#8about 4 minutes

How Passkeys improve the user experience

Passkeys are WebAuthn credentials integrated into platform ecosystems like Apple ID and Google accounts, enabling seamless syncing and cross-device usage via QR codes.

#9about 3 minutes

The impact of Passkeys on passwordless adoption

The introduction of Passkeys by major platforms has significantly accelerated the adoption of passwordless authentication by improving usability and providing user education.

#10about 7 minutes

Answering key questions about Passkeys and WebAuthn

Common questions are addressed regarding credential recovery, phishing resistance, future-proofing against quantum computing, and usability for non-technical users.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Crypto crime, EU regulation, and working while you sleep
01:15 MIN

Crypto crime, EU regulation, and working while you sleep

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

The security challenges of building AI browser agents
06:33 MIN

The security challenges of building AI browser agents

AI in the Open and in Browsers - Tarek Ziadé

The importance of client-side encryption for AI features
03:16 MIN

The importance of client-side encryption for AI features

AI in the Open and in Browsers - Tarek Ziadé

Malware campaigns, cloud latency, and government IT theft
01:06 MIN

Malware campaigns, cloud latency, and government IT theft

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

Understanding browser APIs that rely on company services
04:30 MIN

Understanding browser APIs that rely on company services

Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof

Comparing the security models of browsers and native apps
05:01 MIN

Comparing the security models of browsers and native apps

Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof

Europe's push for digital independence from US tech
05:17 MIN

Europe's push for digital independence from US tech

WeAreDevelopers LIVE – AI, Freelancing, Keeping Up with Tech and More

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Featured Partners

Related Videos

See all videos
Passwordless Web 1.530:21

Passwordless Web 1.5

Paweł Łukaszuk

Going Beyond Passwords: The Future of User Authentication27:55

Going Beyond Passwords: The Future of User Authentication

Gift Egwuenu

Accelerating Authentication Architecture: Taking Passwordless to the Next Level49:52

Accelerating Authentication Architecture: Taking Passwordless to the Next Level

Yedidya Schwartz

No More Post-its: Boost your login security with APIs16:05

No More Post-its: Boost your login security with APIs

Alvaro Navarro

Programming secure C#/.NET Applications: Dos & Don'ts33:29

Programming secure C#/.NET Applications: Dos & Don'ts

Sebastian Leuer

Delegating the chores of authenticating users to Keycloak23:42

Delegating the chores of authenticating users to Keycloak

Alexander Schwartz

Skynet wants your Passwords! The Role of AI in Automating Social Engineering31:19

Skynet wants your Passwords! The Role of AI in Automating Social Engineering

Wolfgang Ettlinger & Alexander Hurbean

SSO with Ethereum and Next JS44:49

SSO with Ethereum and Next JS

Rahat Chowdhury

Related Articles

View all articles
DC
Daniel Cranney
Dev Digest 194: AI vs. Version Control, Password Louvre & Cursed Webdev
Inside last week’s Dev Digest 194 . 🧠 Learn how to become an AI-native software engineer 🤷‍♂️ How can you stand out when anyone can build anything? 👂 Whisper Leak allows listening to encrypted chats 🐝 What’s new the OWASP2025 Top Ten List 🙅‍♀️ Curse...
Dev Digest 194: AI vs. Version Control, Password Louvre & Cursed Webdev
CH
Chris Heilmann
The top 200 passwords of 2024 can be cracked in less than a second
Passwords are a pain and with biometric logins, passkeys and other two factor authentication methods should be a thing of the past. In reality, though, a lot of systems still use username and password as the only security measure and users choose al...
The top 200 passwords of 2024 can be cracked in less than a second
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.