Passkeys topic
Passkeys are a form of passwordless user authentication for websites and apps, that is designed to provide a high level of security by leveraging public key infrastructure. Unlike passwords, no shared secret is exchanged between the user and a service. Instead, the public key is sent to the server, while the private key is stored in the user’s device.
To verify the user’s identity, users can use biometric data, such as a fingerprints or facial recognition, instead of relying on a user-generated password. This makes it much more difficult for attackers to gain unauthorized access to an account, as passkeys are two-factor-authentication (2FA) by default. Concisely, they avoid a range of password-based attacks, including phishing, by providing an additional layer of security.
passkeys-is
A developer-focused informative website about Passkeys
iOS16-Passkeys-Sample
This project explores the capabilities of the new iOS 16+ Passkeys API to support password-less authentications.
corbado-php
Add passkeys to your PHP application with the Corbado PHP SDK.
webauthn-local-client
Browser-only utils for locally managing WebAuthn (passkey) API
smart-wallet
Simple implementation of an ERC-4337 contract wallet controlled by Passkeys
eduMFA
Up-to-date multifactor authentication for academic institutions.
MSIdentityStandardsExplainers
Home for explainer documents originated by the Microsoft Identity Standards team
wallet-abstraction
No more wallets in one year.
example-passkeys-nextjs
Next.js (TypeScript) repository of a sample app that offers passkey authentication.
keycloak-webauthn-conditional-mediation
Keycloak Authentication Provider implementation for Webauthn with Conditional Mediation (Passkey autofill)