Announcing DaryaScam: Messaging apps need passkeys ASAPTL;DR: You got phishing, we brought guns.Dec 17, 2024Dec 17, 2024
Passkeys for decision makersMarketing free guide, for managers, CISOs, CEOs, engineers, and normies.Oct 9, 20242Oct 9, 20242
Two years of Passkeys: A reflection pointI have been quiet on writing for the last two years, mostly because I was not sure what to write. The FIDO ecosystem had a complete reboot…Aug 26, 20242Aug 26, 20242
Published inWebAuthn WorksWebAuthn/FIDO2: What’s new in MDS3? Migrating from MDS2 to MDS3.It’s a JSON! It looks like MDS2? Nope, that’s MDS3!May 26, 20211May 26, 20211
Published inWebAuthn WorksWebAuthn/FIDO2: Demystifying attestation and MDSAnswer to all your uncomfortable question about attestation, MDS and MetadataMay 24, 20213May 24, 20213
Why Cloudflare’s CAPTCHA replacement with FIDO2/WebAuthn is a really bad ideaDisclaimer: Thoughts expressed here are my own, and not of my employers.May 13, 20214May 13, 20214
Published inWebAuthn WorksWebAuthn/FIDO2: Verifying Apple Anonymous AttestationPlease note that this is an advance post, and requires prior understanding of the FIDO2 attestations. You can read more about them here.Jan 1, 2021Jan 1, 2021