Glossary

WEBAUTHN & PASSKEYS
defined.

A W3C standard for phishing-resistant authentication using public-key cryptography and hardware-backed credentials.

A–Z

What is WebAuthn & Passkeys?

WebAuthn (and its consumer-friendly cousin, passkeys) replaces passwords and OTP-based MFA. Credentials are bound to the relying party origin, so phishing sites cannot use them. Passkeys can sync via iCloud Keychain or Google Password Manager for cross-device portability.

Related terms.

Multi-Factor Authentication (MFA)
OAuth 2.0
OpenID Connect (OIDC)
Security Assertion Markup Language (SAML)

Where this shows up.

See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.

Test for this in your stack

BOOK A FREE
scoping call.

30-minute call with an OSCP-certified engineer. Tailored proposal in 24 hours.

Book Free Scoping Call →All Services

WEBAUTHN & PASSKEYSdefined.

What is WebAuthn & Passkeys?

Related terms.

Where this shows up.

BOOK A FREEscoping call.

WEBAUTHN & PASSKEYS
defined.

BOOK A FREE
scoping call.