WebAuthn & Passkeys

WebAuthn and Passkeys are standards for passwordless, phishing-resistant authentication based on public-key cryptography. Credentials are stored in secure hardware (such as Secure Elements or device-bound key stores) and are scoped to specific domains, dramatically reducing credential theft and credential stuffing attacks in consumer and enterprise identity systems.