Weak passwords remain one of the major causes of breaches and security incidents. The Web Authentication standard provides a robust framework for passwordless authentication using passkeys. Passkeys are the latest revolution in authentication. You may have used it with Google or GitHub. But what exactly is it and how does it work? You will learn all about it in this talk.
We will dive into the core concepts of passkeys, their architecture, and their pros and cons. We will see how Passkey leverages public key cryptography and biometrics/hardware authenticators to offer enhanced security and usability while eliminating the vulnerabilities associated with traditional password-based systems.
We will explore how Java developers can leverage WebAuthn Java libraries to implement passkeys in their apps. We will also learn to use passkeys with Spring Security and external Identity providers. There will be demos, showing step-by-step integration of passkeys into Java web applications.
We will dive into the core concepts of passkeys, their architecture, and their pros and cons. We will see how Passkey leverages public key cryptography and biometrics/hardware authenticators to offer enhanced security and usability while eliminating the vulnerabilities associated with traditional password-based systems.
We will explore how Java developers can leverage WebAuthn Java libraries to implement passkeys in their apps. We will also learn to use passkeys with Spring Security and external Identity providers. There will be demos, showing step-by-step integration of passkeys into Java web applications.
Deepu Sasidharan
Okta
Deepu K Sasidharan is a Software Engineer by passion and profession. He is a Java Champion working as a Staff Developer Advocate at Auth0 by Okta. He is the co-lead of JHipster and the creator of KDash and JDL Studio. He is a polyglot programmer working with Java, Rust, JavaScript, Go, and so on. He is also a cloud technology advocate and an open-source software aficionado. He has authored books on Full-stack development and frequently writes about Java, Rust, JavaScript, Go, DevOps, Kubernetes, Linux, and so on, on his blog.