The Passwordless Authentication with Passkey Technology from an Implementation Perspective
- URL: http://arxiv.org/abs/2508.11928v1
- Date: Sat, 16 Aug 2025 06:17:59 GMT
- Title: The Passwordless Authentication with Passkey Technology from an Implementation Perspective
- Authors: Lien Tran, Boyuan Zhang, Ratchanon Pawanja, Rashid Hussain Khokhar,
- Abstract summary: New authentication technologies have shifted from traditional password-based logins to passwordless security. This paper highlights the key techniques used during the implementation of the authentication system with Passkey technology.
- Score: 0.5249805590164902
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional password-based logins to passwordless security. Among these, Time-Based One-Time Passwords (TOTP) remain one of the most widely used mechanisms, while Passkeys are emerging as a promising alternative with growing adoption. This paper highlights the key techniques used during the implementation of the authentication system with Passkey technology. It also suggests considerations for integrating components during system development to ensure that users can securely access their accounts with minimal complexity, while still meeting the requirements of a robust authentication system that balances security, usability, and performance. Additionally, by examining TOTP and Passkey mechanisms from an implementation perspective, this work not only addresses major security concerns such as password leaks, phishing attacks, and susceptibility to brute-force attacks, but also evaluates the feasibility and effectiveness of these mechanisms in real-world implementations. This paper demonstrates the superior security of Passkey technology and its potential for broader adoption in secure authentication systems.
Related papers
- Binding Agent ID: Unleashing the Power of AI Agents with accountability and credibility [46.323590135279126]
BAID (Binding Agent ID) is a comprehensive identity infrastructure establishing verifiable user-code binding.
We implement and evaluate a complete prototype system, demonstrating the practical feasibility of blockchain-based identity management and zkVM-based authentication protocol.
arXiv Detail & Related papers (2025-12-19T13:01:54Z)
- An In-Depth Systematic Analysis of the Security, Usability, and Automation Capabilities of Password Update Processes on Top-Ranked Websites [46.750111141477646]
We perform the first systematic analysis of 111 password update processes deployed on top-ranked websites.
Websites deploy highly diverse, often complex, confusing password update processes and lack the support of password managers.
We give recommendations for web developers, the web standardization community, and security researchers.
arXiv Detail & Related papers (2025-11-13T09:18:07Z)
- AdaptAuth: Multi-Layered Behavioral and Credential Analysis for a Secure and Adaptive Authentication Framework for Password Security [0.24366811507669114]
We propose a multifaceted solution designed to revolutionize password security.
Our framework constructs detailed user profiles capable of recognizing individuals and preventing nearly all forms of unauthorized access or device possession.
arXiv Detail & Related papers (2025-10-04T11:36:37Z)
- 2FA: Navigating the Challenges and Solutions for Inclusive Access [55.2480439325792]
Two-Factor Authentication (2FA) has emerged as a critical solution to protect online activities.
This paper examines the intricacies of deploying 2FA in a way that is secure and accessible to all users.
An analysis was conducted to examine the implementation and availability of various 2FA methods across popular online platforms.
arXiv Detail & Related papers (2025-02-17T12:23:53Z)
- Device-Bound vs. Synced Credentials: A Comparative Evaluation of Passkey Authentication [0.0]
With passkeys, the FIDO Alliance introduces the ability to sync FIDO2 credentials across a user's devices through passkey providers.
This aims to mitigate user concerns about losing their devices and promotes the shift toward password-less authentication.
We show how credential syncing has also created a debate among experts about their security guarantees.
arXiv Detail & Related papers (2025-01-13T15:00:18Z)
- Privacy-Preserving and Simultaneous Authentication in High-Density V2X Networks [1.2023648183416153]
Internet of Vehicles (IoV) networks require secure and efficient authentication to support high-speed, high-density and mobility-challenged environments.
This paper presents a privacy-preserving authentication scheme that incorporates batch authentication, mutual authentication, and secure key establishment.
Results from realistic implementations show that our method achieves average authentication and verification times of 10.61 ms and 1.78 ms, respectively, for a fleet of 100 vehicles, outperforming existing methods.
arXiv Detail & Related papers (2025-01-10T16:35:56Z)
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.
These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.
We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
- AEAKA: An Adaptive and Efficient Authentication and Key Agreement Scheme for IoT in Cloud-Edge-Device Collaborative Environments [7.106119177152857]
We propose an adaptive and efficient authentication and key agreement scheme (AEAKA) for Cloud-Edge-Device IoT environments.
AEAKA is highly adaptive and scalable, capable of automatically and dynamically initiating different authentication methods based on device requirements.
It employs an edge-assisted authentication approach to reduce the load on third-party trust authorities.
arXiv Detail & Related papers (2024-11-14T06:55:27Z)
- The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server.
This paper studies a new and practical security risk to DSSE, namely, secret key compromise.
We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
arXiv Detail & Related papers (2024-03-22T09:21:47Z)
- A Novel Protocol Using Captive Portals for FIDO2 Network Authentication [45.84205238554709]
We introduce FIDO2CAP: FIDO2 Captive-portal Authentication Protocol.
We develop a prototype of FIDO2CAP authentication in a mock scenario.
This work makes the first systematic approach for adapting network authentication to the new authentication paradigm relying on FIDO2 authentication.
arXiv Detail & Related papers (2024-02-20T09:55:20Z)
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
- A Review of Password-less User Authentication Schemes [0.0]
This review examines password-less authentication schemes that have been proposed since the death knell was placed on passwords in 2004.
We evaluate the truly password-less and practical schemes based on their impact on user experience, overall security, and ease of deployment.
arXiv Detail & Related papers (2023-12-05T15:57:40Z)
- Blockchain-based Zero Trust on the Edge [5.323279718522213]
This paper proposes a novel approach based on Zero Trust Architecture (ZTA) extended with blockchain to further enhance security.
The blockchain component serves as an immutable database for storing users' requests and is used to verify trustworthiness by analyzing and identifying potentially malicious user activities.
We discuss the framework, processes of the approach, and the experiments carried out on a testbed to validate its feasibility and applicability in the smart city context.
arXiv Detail & Related papers (2023-11-28T12:43:21Z)