Learn passkeys for simpler and safer sign-in

preview_player
Показать описание
After years of work, we’re finally ready to retire passwords, creating simpler, smoother, and more secure experiences for your users that seamlessly across all the major platforms. This session will detail the benefits of passkeys, how to use them to deliver streamlined authentication flows, and how to evolve your identity stack to embrace this new technology.

Resources:

Speaker: Eiji Kitamura

Watch more:

#GoogleIO
Рекомендации по теме
Комментарии
Автор

Join the conversation in the comments below for a chance to get your questions answered by the Chrome team. 👇👇🏻👇🏿👇🏽 👇🏾👇🏼

ChromeDevs
Автор

It would be nice to skip the page where you press the "Next" confirmation button to ask if you want to log in with the pass key and automatically display the authentication screen. If it's set as the default authentication tool, I think we should make sure to choose an option or fail it.

cat_sally
Автор

As a developer I am excited about this authentication method build on top of Webauthn. As a — sometimes a bit paranoid — user I fear that I'd have to use the OS or browser vendors credential managers to sync the private keys instead of FOSS and storage of my choosing. I curious about the way this will develop.

tobiasfedder
Автор

Hello, thank you for the explanation, but how can one change from two factors authentication, (like Google or Apple) to passkey, or whether any website or app, they must first give way to use passkey?

bakhtyarshwani
Автор

Does this make it possible to create anonymous user authentication? It seems this removes the need for a unique identifier such as email addresses for users to log in, in that case there is no need to know the identity of the user. Really cool for privacy-first apps!

AlexWohlbruck
Автор

Could passkeys be the sole method for signing up and logging in, or does it need to rely on a traditional authentication mechanism? And is it still necessary to have the user enter a unique username or email address?

CandixHR
Автор

01:32 "as a developer you only store a public key instead of a password" - why would you as a developer store a password instead of password hash?

powerDM
Автор

whats the word on using a passkey on a shared account. for example i shared a profile with 2 others can I safely add a passkey that only I will use?

weezyf
Автор

As I understand there are Roaming authenticators (Phone, USB, etc) and Platform authenticators (Laptop, Desktop). When I experimented last there was issue if user creates account on website using a platform authenticator which is likely more convenient, then later they try login to the account from their phone, but they can't since it is a different device.
From what I understood in the video, FIDO's solution to mitigate this is to allow syncing credentials across devices. Can you explain more about this works? It was my understanding these credentials don't leave the TPM (Trusted Platform Module) and I didn't understand how they could be shared. It seems like the boundary between Roaming and Platform is less clear now, and perhaps doesn't matter. Although the synchronization may be extra level of complexity for users.

mattmazzola
Автор

Is there a solution for situtations when the phone is stolen or broken that also non-technical users can understand?

derjansan
Автор

What happens when the user deletes created passkey? How can I bind this user with an account in my service?

romanpurishy
Автор

What the differences with normal webauthn?

heinou
Автор

Can I use a passkey to sign into my Chromebook?

brucewayne
Автор

So far a great presentation, and I expect the presenter is likely a great engineer at Google. So props to him. But for a presentation like this, would it not make sense to have someone who is more fluent - or rather, has less of a foreign accent - to actually present it? No disrespect to anyone intended, I just wonder at the idea.

HKnSLK