Talks
Speakers
Events
Topics
Sign in
Home
Talks
Speakers
Events
Topics
Leaderboard
Use
Analytics
Sign in
Suggest modification to this talk
Title
Description
Date
Summarized using AI?
If this talk's summary was generated by AI, please check this box. A "Summarized using AI" badge will be displayed in the summary tab to indicate that the summary was generated using AI.
Show "Summarized using AI" badge on summary page
Summary
Markdown supported
In her presentation at Euruko 2023, Carla Urrea Stabile discusses a future without passwords through alternatives such as WebAuthn and passkeys. She shares her personal anecdotes regarding the frustrations of password management, highlighting its reliance on memory and vulnerability. She emphasizes the need for passwordless authentication, which improves user experience and security, and reduces the cost of managing passwords. Stabile introduces the concepts of passwordless authentication, which involves methods like magic links and one-time codes, and demonstrates that passwordless options can be both user-friendly and secure by eliminating the knowledge factor in authentication. **Key Points Discussed:** - **Dislike for Passwords:** Stabile recounts her struggles to remember passwords and how they often lead to panic during transactions, underscoring the sentiment that 'passwords suck.' - **Passwordless Authentication:** She explains passwordless authentication as a superior method that improves user experience and security, hinting at alternative mechanisms that allow for easier login. - **Authentication Factors:** Three factors are outlined: knowledge, possession, and inheritance. Passwordless systems utilize possession (like devices) and inheritance (like biometrics) to verify identity. - **WebAuthn:** Stabile dives into WebAuthn, a browser-based API for authentication using public key cryptography instead of passwords, and discusses its functionality and security advantages. - **Demonstration:** A demo of creating WebAuthn credentials illustrates how seamless and secure passwordless authentication can be. - **Introduction to Passkeys:** Stabile discusses passkeys, designed to replace passwords, emphasizing their uniqueness, automatic syncing, and resilience to phishing attacks. She distinguishes between sync passkeys and device-bound passkeys and highlights their intuitive nature. - **Conclusion:** The speaker encourages exploring early implementations of passkeys for broader application, referencing tools and services like Google, Apple, and GitHub that support passkeys. She closes with a call to engage with resources that facilitate understanding and implementation of these new authentication methods. Carla Stabile's keynote ultimately advocates for a transformative shift from passwords to more secure, user-friendly alternatives, promoting ongoing exploration and implementation of these technologies in user authentication systems.
Suggest modifications
Cancel
