PASSKEYS - What they are, why we want them and how to use them!
In this video I explore what passkeys are, what is attractive about them for organizations and users, and then how to enable their use along with the user experience.
🔎 Looking for content on a particular topic? Search the channel. If I have something it will be there!
🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc.
▬▬▬▬▬▬ C H A P T E R S ⏰ ▬▬▬▬▬▬
00:00 - Introduction
00:30 - Authentication history
02:04 - Why Authenticator wasn't phishing resistant
07:40 - Need protection from social engineering
07:51 - Passkeys
08:30 - Built on PKI
10:40 - Passwordless FIDO2
12:07 - How this works
13:04 - Relying Party
13:33 - Client
13:52 - Authenticator
14:41 - Public and private keys
16:21 - Authentication flow
18:23 - Need for a user gesture and intent
20:08 - Presence and proximity
21:25 - The promise of the protocol
22:42 - Additional detail
23:48 - WebAuthn use
24:53 - Relying Party ID
25:54 - WebAuthn client checks
28:22 - Javascript and API calls
29:36 - Key benefits for protection
33:32 - Presence and CTAP
36:47 - Bluetooth use
37:16 - Cross-device authentication
37:52 - How many passkeys
40:25 - Authenticator options
41:29 - Types of passkey
46:47 - Authenticator can roam
47:51 - Where can passkeys be used
49:11 - What is different from before
51:07 - Using with Entra
53:52 - Enabling passkeys in Entra
55:09 - User passkey addition
55:55 - Using a passkey
57:58 - Using passkey on same device
1:00:06 - Cross-device authentication
1:02:52 - Microsoft accounts
1:03:51 - Always synced
1:05:42 - MSA passkey CDA demo
1:07:52 - Summary
1:10:05 - Close
▬▬▬▬▬▬ K E Y L I N K S 🔗 ▬▬▬▬▬▬
► Whiteboard:
🔗 raw.githubusercontent.com/joh...
► Microsoft Documentation
🔗 learn.microsoft.com/entra/ide...
▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
📖 Recommended Learning Path for Azure
🔗 learn.onboardtoazure.com
🥇 Certification Content Repository
🔗 github.com/johnthebrit/Certif...
📅 Weekly Azure Update
🔗 • Azure Infrastructure U...
☁ Azure Master Class
🔗 • Microsoft Azure Master...
⚙ DevOps Master Class
🔗 • DevOps Master Class
💻 PowerShell Master Class
🔗 • PowerShell Master Class
🎓 Certification Cram Videos
🔗 • Microsoft Certificatio...
🧠 Mentoring Content
🔗 • Virtual Mentoring
❔ Questions? Maybe I answered it in my FAQ
🔗 savilltech.com/faq
👕 Cure Childhood Cancer Charity T-Shirt Channel Store
🔗 johns-t-shirts-store.creator-...
👂 Enable the subtitles and from there you can translate to your native language via the auto-translate feature in settings! • KZread Captions and A... for a demo of using this feature.
SUBSCRIBE ✅ / @ntfaqguy
#microsoft #passkeys #johnsavillstechnicaltraining
Пікірлер: 53
Passkeys are everywhere so in this video we dive into what they are, what's good about them and how to use them. Please make sure to read the description for the chapters and key information about this video and others. ⚠ P L E A S E N O T E ⚠ 🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there! 🕰 I don't discuss future content nor take requests for future content so please don't ask 😇 🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc. 👂 Translate the captions to your native language via the auto-translate feature in settings! kzread.info/dash/bejne/qGmWl5VmgMqrnaw.html for a demo of using this feature. Thanks for watching! 🤙
If there are "Emmy Awards" for tech training, this lesson should be nominated! Awesome stuff John! Thank you!
@NTFAQGuy
11 күн бұрын
lol, well thank you and glad you enjoyed it!
@IlkinJamalli
Күн бұрын
Absolutely agree! Thanks John!
Best presentation on the topic I have seen yet... but why am I not surprised ;-)
@NTFAQGuy
12 күн бұрын
very kind, thank you!
Best FIDO2 explanation ever…will most likely watch this again. Thanks a bunch John!
@NTFAQGuy
9 күн бұрын
Very kind, thank you!
New levels of understanding passkeys achieved thanks to your video and style. As always your work and effort towards the community is appreciated.
@NTFAQGuy
8 күн бұрын
Many thanks! Have a good weekend!
Thank you for making this so simplified, sir.
Found this very informative and enabled passkeys on my Outlook and Gmail accounts. Thanks for the video John.
I've watched this twice and will probably watch it again as I develop my Proof of Concept to demonstrate the business case to move "rapidly" to passkey authentication. Great explanation, and as a visual learner, the whiteboard accompaniment was awesom!
@NTFAQGuy
10 күн бұрын
Excellent, glad it was useful.
Incredible as always John!
Excellent explanation. Thank you.
This really helped me understand the main difference between the FIDO2 and Authentication Apps. Also the device bound and sync passkeys was a unique distinction.
Very informative and helpful, as always. Thank you, John!
@NTFAQGuy
12 күн бұрын
My pleasure!
Another great video John - that deep dive helping the understand what is going on with PassKeys and the way you explain it is great, thanks again!
@NTFAQGuy
12 күн бұрын
Glad you enjoyed it
Excellent deep dive. Thanks John.
@NTFAQGuy
11 күн бұрын
Glad you enjoyed it
This was a great video and thorough. Thanks John. I should make use of my Yubikey now lol!!
you're a born communicator!
Very impressive and very clear as usual. Thanks from France !
@NTFAQGuy
3 күн бұрын
Many thanks!
Really appreciate this (and all your content tbh!), thanks John.
@NTFAQGuy
9 күн бұрын
Very welcome!
As always sir, I applaud the fantastic detail and clear communication you bring to complicated topics on the regular. This is just another fine example in a catalog of fantastic content. Well done!
@NTFAQGuy
12 күн бұрын
Glad it was helpful!
Excellent video, as always!
@NTFAQGuy
12 күн бұрын
Glad you enjoyed it!
I've been hooked on your videos. You're able to pick the right topics, at the right time, where general resources are missing key information. Well done and thank you!
@NTFAQGuy
8 күн бұрын
Thanks!
This feature comes at the right time for me. We're about to create the cloud admins for the IT responsables in our subsidiaries. The plan was to buy a FIDO2 stick for every cloud admin. We don't need that now, because we can use passkeys. Although, I still prefer a physical stick for the high privileged roles.
Deployed in our dev environment after watching this. Thanks again John.
@NTFAQGuy
9 күн бұрын
nice!
Awesome!
Great video John. Seems like every time I'm thinking about deploying a new feature at work you come out with a video about it. Guess it's a sign that I have to deploy it now!
@NTFAQGuy
9 күн бұрын
Go for it!
It would be VERY nice, if Microsoft would allow the Device Bound Passkeys to be used as a "fallback" mechanism if case a user lost the Windows Hello PIN or the Biometric Device is not working or faulty. Microsoft Authenticator with Number Matching is working today, so it should be possible to be used. Thank you for your interesting videos, John!
@StijnHommes
10 күн бұрын
And how are you then supposed to unlock the device-bound passkey if the biometrics are faulty?
Top notch as always! Question on BLE proximity - If Bluetooth is disabled on my phone will CDA+CTAP still work? Meaning - both devices need to have BT capability but not necessarily have it on, or it needs to be enabled and on for both devices?
@NTFAQGuy
12 күн бұрын
Need bluetooth on both.
What are the chances of the Superman t-shirt turning up the same week James Gunn releases the first image of the new Superman?
👋👋👋
I guess as a techie trying to login to say azure portal inside a vm or vdi session - i’m stuffed because there’s no proximity between my phone and the device - which is the whole point, but sometimes you need to - say for installing certain services and you need to sign into the portal inside a machine
@NTFAQGuy
12 күн бұрын
Right remote is an intresting challenge today.
18:16 so how does this help with a man in the middle? He can monitor the reply and use it the next time.
@NTFAQGuy
12 күн бұрын
Because the server sends that nonce which is unique each time. Can't replay old response.