Password authentication vulnerabilities
Whilst we can mitigate many of the risks associated with password based authentication, it usually comes at the cost of usability.
We're now live! Signup now
The revolution is here - passwords are redundant! 🎉 Just as Auth0 and others made password authentication secure & affordable, we're doing the same for the next generation of authentication - WebAuthn Passkeys 📱
My primary mission is to educate both users and developrs about the benefits of passkeys. They really are transformative, and I want to play my part in promoting and supporting their adoption.
Back in 2010, I founded (and subsequently sold) an authentication business. We made it easy to enforce password policies, offered virtual TOTP based authencators and lots of other stuff. Fundamentally though, we were compensating for the inherent weakness of the password model.
Passwords were actually made redundant with the arrival of password managers. The core principle of a password, something you know, no longer holds when a browser remembers it for you. Passkeys are a natural evolution of password managers but they're far superior.
Back in the day I helped to make password based authentication more secure. Today, technology has moved on, and I want us to abondon passwords completely, transitioning to Passkeys. That's why I founded Passlock.
Founder
Latest posts about the Web Authentication API, Passkeys and other stuff
Whilst we can mitigate many of the risks associated with password based authentication, it usually comes at the cost of usability.
Infosec practitioners love them, but users hate them. The truth is that the average user can't remember a secure password. There are much better options going into 2024.
How we built our serverless Passkey platform using the AWS stack.