Passkeys are a form of passwordless user authentication for websites and apps, designed to provide a high level of security by leveraging public key infrastructure. Unlike with passwords, no shared secret is exchanged between the user and a service. Instead, the public key is sent to the server, while the private key is stored on the user’s device.
To verify their identity, users can use biometric data, such as a fingerprint or facial recognition, instead of relying on a user-generated password. This makes it much more difficult for attackers to gain unauthorized access to an account, as passkeys are two-factor authentication (2FA) by default. In short, they avoid a range of password-based attacks, including phishing, by providing an additional layer of security.
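
The challenge-response flow behind this, as an added example that is not part of the original page: a simplified Node.js model (not the actual WebAuthn message format) in which the server stores only a public key and verifies a signature over a fresh challenge and the page origin. The names `createPasskey`, `signAssertion` and `Server` and the origin `https://example.test` are assumptions made for illustration.

```javascript
// Added example: simplified passkey-style challenge-response, not the WebAuthn wire format.
const nodeCrypto = require("node:crypto");

const RP_ORIGIN = "https://example.test"; // constructed relying-party origin (assumption)

// Device side: the key pair is generated on the device; only the public key is exported.
function createPasskey() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  return { privateKey, publicKeyPem: publicKey.export({ type: "spki", format: "pem" }) };
}

// Device side: sign the server's challenge together with the origin the browser reports.
function signAssertion(privateKey, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  const signature = nodeCrypto.sign("sha256", Buffer.from(clientData), privateKey);
  return { clientData, signature: signature.toString("base64") };
}

// Server side: holds public keys and outstanding one-time challenges, never a secret.
class Server {
  constructor() {
    this.publicKeys = new Map();
    this.pending = new Map();
  }
  register(user, publicKeyPem) {
    this.publicKeys.set(user, publicKeyPem);
  }
  newChallenge(user) {
    const challenge = nodeCrypto.randomBytes(32).toString("hex");
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, assertion) {
    const expected = this.pending.get(user);
    this.pending.delete(user); // single use, so a captured assertion cannot be replayed
    const pem = this.publicKeys.get(user);
    if (!expected || !pem) return false;
    let data;
    try { data = JSON.parse(assertion.clientData); } catch { return false; }
    // Reject assertions made for another challenge or collected on another origin.
    if (data.challenge !== expected || data.origin !== RP_ORIGIN) return false;
    return nodeCrypto.verify("sha256", Buffer.from(assertion.clientData), pem,
      Buffer.from(assertion.signature, "base64"));
  }
}
```

A database leak from this server exposes only public keys, which cannot be used to sign a login, and an assertion collected on a look-alike origin or replayed after use fails verification.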