Passkeys

Passkeys provide passwordless authentication, which guarantees robust defences against phishing and credential stuffing attacks.

Nonetheless, recent research by Leona Lassak, Elleen Pan, Blase Ur, and Maximilian Golla has identified obstacles hindering the adoption of passkeys in enterprises.

According to their paper, the main barriers to adopting passkeys are:

1) account recovery issues

2) complexity and friction for non-technical users

3) technical issues

4) regulatory requirements

5) security culture

You can find the full paper "Why Aren’t We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication" at https://www.usenix.org/system/files/sec24summer-prepub-618-lassak.pdf

---