Issue#32 - Visualization of Passkey Workflow
Passkeys are a newer, more secure way to sign in to websites and apps without passwords
Knowledge Byte
Passkeys are a newer, more secure way to sign in to websites and apps without passwords. Users sign in to a website or app with a biometric sensor (fingerprint or face scan), a PIN, or a pattern.
If you visit a website that supports passkey authentication, you will usually be prompted to create one.
Passkeys use a security system called public key cryptography to safely log you into websites. Each passkey creates a pair of digital keys - one public and one private - that work together like a digital keycard that's much more secure than passwords.
When you sign up for an app that supports passkeys, two keys are generated. The private key is stored securely on your device and the public key is stored on the server.
When you sign in, the website sends a unique challenge that your device solves using your private key after you verify your identity with a fingerprint, face, or PIN.
Your device sends this solution back to the website, which verifies it matches using your public key—confirming it's really you without ever seeing your private key.
Let’s look at the steps visually-
The biggest benefit of using passkeys is that they protect you from phishing attacks. Hackers can't steal a passkey through fake websites because passkeys are tied to the real website's identity. Also, your private key never leaves your device, so websites can't lose it in a data breach.
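The sign-up and sign-in steps above, plus the origin binding that defeats a fake site, as an added example (not code from this newsletter or from any passkey library). It is a simplified model using Node's built-in `crypto`, not real WebAuthn encoding; the `Authenticator` and `RelyingParty` classes and the `shop.example` / `sh0p.example` origins are hypothetical.

```javascript
// Added illustration: simplified passkey flow, not the real WebAuthn wire format.
const crypto = require('node:crypto');

class Authenticator {                        // hypothetical model of the user's device
  constructor() { this.keys = new Map(); }   // origin -> private key, never exported
  register(origin) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(origin, privateKey);
    return publicKey;                        // only the public half goes to the server
  }
  sign(origin, challenge) {
    const privateKey = this.keys.get(origin);
    if (!privateKey) return null;            // no passkey for this origin: nothing to sign with
    const clientData = Buffer.from(JSON.stringify({ origin, challenge: challenge.toString('hex') }));
    return { clientData, signature: crypto.sign('sha256', clientData, privateKey) };
  }
}

class RelyingParty {                         // hypothetical model of the website's server
  constructor(origin) { this.origin = origin; this.publicKeys = new Map(); this.pending = new Map(); }
  enroll(user, publicKey) { this.publicKeys.set(user, publicKey); }
  newChallenge(user) {
    const challenge = crypto.randomBytes(32);            // unique per sign-in attempt
    this.pending.set(user, challenge.toString('hex'));
    return challenge;
  }
  verify(user, assertion) {
    const expected = this.pending.get(user);
    this.pending.delete(user);                           // single use: a replayed answer fails
    const publicKey = this.publicKeys.get(user);
    if (!assertion || !expected || !publicKey) return false;
    let data;
    try { data = JSON.parse(assertion.clientData.toString()); } catch { return false; }
    if (!data || data.origin !== this.origin || data.challenge !== expected) return false;
    return crypto.verify('sha256', assertion.clientData, publicKey, assertion.signature);
  }
}

function demo() {
  const device = new Authenticator();
  const site = new RelyingParty('https://shop.example');  // constructed origin
  site.enroll('alice', device.register(site.origin));     // sign-up
  const assertion = device.sign(site.origin, site.newChallenge('alice'));
  const login = site.verify('alice', assertion);          // genuine sign-in
  const replayed = site.verify('alice', assertion);       // same answer sent twice
  // A look-alike origin gets nothing: the device holds no key for it.
  const phished = site.verify('alice', device.sign('https://sh0p.example', site.newChallenge('alice')));
  return { login, replayed, phished };
}
```

`demo()` returns `login: true` for the genuine sign-in and `false` for both the replayed answer and the look-alike origin.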
That’s it folks, thanks for reading!
Links From Around The Web
Using LLMs and Cursor to become a finisher - Building prototypes these days is easier than ever.
I Recreated Shazam's Algorithm from Scratch because no one is hiring jnr devs
Let Me GPT that for you - Looks like we are moving from “Let me google that for you” to LLMs