Great topic but the presenters are demonstrating things we can't see. Is it expected that we only see the title slide the whole way through? 😢

It's a shame we have no visual for the presentation.

Hope they dub it CIDO. Picked up cido.eth today

When will people finally realise: 1. Passkeys are generally protected by your phone's biometrics, so you lose 5th Amendment protections if Law Enforcement gets your phone and wants access. Biometrics are *not* Protected Speech! Precedent exists for forcing a suspect to unlock via fingerprint. Your PIN is Protected Speech, but you can't hide Passkeys behind a PIN if your screen lock is biometric. 2. Only the Private Key is needed for the FIDO2 Ceremony. Your biometrics release the Key, but the remote server can't truly verify what biometrics were used. So Passkeys are really 1FA, or at best "1.5FA".

Passkeys are Here! What Now? Make sure you don't waste 25 minutes of your life watching a video about this nonsense (or worse, watch the speaker deliver it live). Now we need to make sure FIDO is disbanded and put on trial for criminal conspiracy for their plan to break the internet and take away our passwords.

Unfortunately your slides did not show in my browser.

Promo'SM

Finally, someone realizes that passkeys aren't really 2FA.

Once we all get chips implanted in our heads, then we will know who I am, who I am, who I am, who I am [slaps self upside the head]. What was I saying? : )

It was an honor and privilege to take part in the closing panel.

𝓟Ř𝔬𝓂𝔬𝐒ϻ 💪

Proud of you, Arthur!

Hello There, thanks for the information. Do we have any video on how to set this OpenID connect with Nginx reverse proxy for SSO

You mentioned bearer tokens can be copied and replayed. Isn't that also true for a signed token? If a man in the middle, between the client and the resource server stole the signed token, can he not use it (until the expiry)?

Are you aware of your self-identity or living with misconception? kzfaq.info/get/bejne/gdVyq9Bhq7C9Y4k.html

My goodness that was a lot of information!

Thank you for the video!

How does this compare to device authorization grant (RFC 8628) ?

Next level. Thank you.

boring

This guy is proof that not all stoners are burnouts.

Difference between PingID and Ping SDK?

02:21 CSRF 08:22 token leakage 18:48 token reuse/misuse 26:16 question 1

great talk, great proposal for OAUTH improvement

I'm unable to view the slides. Following the link leads me to "Uploaded SlideShare Suspended"

dat face Victorrio. . .

Very inspiring and informative video! Our team implemented FIDO2 & WebAuthn in Jira marketplace.atlassian.com/apps/1222257/webauthn-for-jira?hosting=server&tab=overview Looking forward to hearing your thoughts on this)

Excellent talk !

Not sure I would call PING Federate the "Swiss Army knife". Here are some recent questions we asked the PING consultants: Can PF interface with Identity Manager? "NO" Can PF interface to DataPower API's? "NO" Can PF interface with TopSecret? "No". Pretty dull knife if you ask me.

For me, the whole "story telling" is so distracting from the topic I came here to learn about originally.

1 year later he wear the same clothe... hahaha kzfaq.info/get/bejne/eNtjmJiUq6q2lJs.html

how do i create a pingfederate account?

I love how he deep dive into the risk-based authentication. Great video!

The talk is so smooth and clear!

It was an insightful panel discussion! Thanks for bringing this up to the public guys.

:)

Great explanation! Thanks for sharing.

A nice introduction to the CIAM's challenges, but I think you need to explain more about the assessment, blueprint, and roadmap since those are the meat of this talk.

I wonder how privacy could have a business model.

So far I enjoy the video! So many things I don't know and excited to learn it!

This is a great introduction! Thanks

That was amazing! This guy really knows his sh*t!

Great Idea !!

Hey! :44

Great presentation. Richard is a such a wealth of knowledge. Two thumbs up!

So .. if i lost my finger/fingers and/or the key, i fall back to password which i don't remember since i used it 3 years ago, then whats the next? Final fallback? Email? Which is incidentally the main entry point of phishing. And after all that i'll probably be nervous enough not to check the domain a certain mail sends me to. And if i'd be a bad actor, i would still have a bright future ahead of me (especially with this widening of avenues of attack).

You should learn English, Vittorio. Your presentation is useless

Cool solution to a troublesome issue for so many IAM programs!