Explore the security of passkeys: how they work, their advantages over passwords, potential risks, and best practices for secure implementation in software development.
The post Understanding the Security of Passkeys appeared first on Security Boulevard.
The International Association of Cryptologic Research—the academic cryptography association that’s been putting conferences like Crypto (back when “crypto” meant “cryptography”) and Eurocrypt since the 1980s—had to nullify an online election when trustee Moti Yung lost his decryption key.
For this election and in accordance with the bylaws of the IACR, the three members of the IACR 2025 Election Committee acted as independent trustees, each holding a portion of the cryptographic key material required to jointly decrypt the results. This aspect of Helios’ design ensures that no two trustees could collude to determine the outcome of an election or the contents of individual votes on their own: all trustees must provide their decryption shares.
Unfortunately, one of the three trustees has irretrievably lost their private key, an honest but unfortunate human mistake, and therefore cannot compute their decryption share. As a result, Helios is unable to complete the decryption process, and it is technically impossible for us to obtain or verify the final outcome of this election.
The group will redo the election, but this time setting a 2-of-3 threshold scheme for decrypting the results, instead of requiring all three
One of the world’s premier security organizations has canceled the results of its annual leadership election after an official lost an encryption key needed to unlock results stored in a verifiable and privacy-preserving voting system.
The International Association of Cryptologic Research (IACR) said Friday that the votes were submitted and tallied using Helios, an open source voting system that uses peer-reviewed cryptography to cast and count votes in a verifiable, confidential, and privacy-preserving way. Helios encrypts each vote in a way that assures each ballot is secret. Other cryptography used by Helios allows each voter to confirm their ballot was counted fairly.
Per the association’s bylaws, three members of the election committee act as independent trustees. To prevent two of them from colluding to cook the results, each trustee holds a third of the cryptographic key material needed to decrypt results.
© Getty Images
Akira ransomware is exploiting MFA push-spam, weak VPN security and identity gaps. Learn why these attacks succeed and the counter-playbook defenders must deploy now.
The post The Akira Playbook: How Ransomware Groups Are Weaponizing MFA Fatigue appeared first on Security Boulevard.
Explore the limitations of passkeys in authentication. Learn about device dependency, adoption challenges, interoperability issues, and recovery complexities to make informed decisions.
The post What Are the Limitations of Passkeys? appeared first on Security Boulevard.
Add passwordless login to Umbraco using MojoAuth. Step-by-step OIDC setup, passkeys, OTP, and a full GitHub example for secure, modern authentication.
The post How to Add Passwordless Authentication to Umbraco Using MojoAuth appeared first on Security Boulevard.
Passkeys beat passwords in security and usability, but recovery gaps create new risks. Explore why digital identity still needs a constitutional backstop beyond passkeys.
The post The Future of Passwords: Kill Them in the Flow, Keep Them in the Constitution appeared first on Security Boulevard.
Learn how MojoAuth enhances popular SaaS development kits like ShipFast, Supastarter, Divjoy, and SaaS Pegasus with powerful passwordless authentication — including passkeys, OTPs, and WebAuthn support.
The post Integrate MojoAuth with Popular SaaS Kits like ShipFast, Divjoy, SaaS Pegasus, and Supastarter for Next-Gen Passwordless Login appeared first on Security Boulevard.
For years, HYPR and Yubico have stood shoulder to shoulder in the mission to eliminate passwords and improve identity security. Yubico’s early and sustained push for FIDO-certified hardware authenticators and HYPR’s leadership as part of the FIDO Alliance mission to reduce the world’s reliance on passwords have brought employees and customers alike into the era of modern authentication.
Today, that partnership continues to expand. As enterprise adoption of YubiKeys continues to accelerate worldwide, HYPR and Yubico are proud to announce innovations that help enterprises to further validate that the employees receiving or using their YubiKeys are assured to the highest levels of identity verification.
HYPR Affirm, a leading identity verification orchestration product, now integrates directly with Yubico’s provisioning capabilities, enabling organizations to securely verify, provision, and deploy YubiKeys to their distributed workforce with full confidence that each key is used by the right, verified individual.
The post HYPR and Yubico Deepen Partnership to Secure and Scale Passkey Deployment Through Automated Identity Verification appeared first on Security Boulevard.
Discover passkeys, the next-generation authentication method replacing passwords. Learn how passkeys work, their security advantages, and how they're shaping software development.
The post What Are Passkeys and How Do They Work? appeared first on Security Boulevard.
Compare the best Stytch alternatives for passwordless authentication after the Twilio acquisition. Developer-first analysis of MojoAuth, SSOJet, Auth0, WorkOS, Supabase Auth and Clerk — features, pricing and integration insights.
The post Stytch Alternatives for Passwordless Authentication appeared first on Security Boulevard.
Explore passkeys for mobile devices: what they are, how they work, their security advantages, and implementation strategies for developers.
The post What is a Passkey for Mobile Devices? appeared first on Security Boulevard.
Explore the key differences between facial recognition and passkeys for authentication. Understand their unique concepts, security implications, and use cases in software development.
The post Are Facial Recognition and Passkeys the Same? Exploring Key Concepts appeared first on Security Boulevard.
Login