-
Move beyond passwords
Despite their prevalence, passwords inherently come with challenges that make them poorly suited to securing someone's online accounts. Learn more about the challenges passwords pose to modern security and how to move beyond them. Explore the next frontier in account security with secure-by-design, public-key-based credentials that use the Web Authentication standard. Discover in this technology preview how Apple is approaching this standard in iOS 15 and macOS Monterey.
Recursos
- Connecting to a service with passkeys
- Supporting Security Key Authentication Using Physical Keys
- Supporting passkeys
- 2020 Data Breach Investigations Report
Vídeos relacionados
WWDC21
-
Buscar neste vídeo...
-
-
17:32 - Register an account
// Register an account func createAccount(with challenge: Data, name: String, userID: Data) { let provider = ASAuthorizationPlatformPublicKeyCredentialProvider( relyingPartyIdentifier: "example.com") let registrationRequest = provider.createCredentialRegistrationRequest( challenge: challenge, name: name, userID: userID) let controller = ASAuthorizationController( authorizationRequests: [ registrationRequest ]) controller.delegate = … controller.presentationContextProvider = … controller.performRequests() } -
17:39 - Sign in
// Sign in func signIn(with challenge: Data) { let provider = ASAuthorizationPlatformPublicKeyCredentialProvider( relyingPartyIdentifier: "example.com") let assertionRequest = provider.createCredentialAssertionRequest(challenge: challenge) let controller = ASAuthorizationController( authorizationRequests: [ assertionRequest ]) controller.delegate = … controller.presentationContextProvider = … controller.performRequests() } -
17:41 - Handle returned credentials
// Handle returned credentials func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) { switch authorization.credential { case let registration as ASAuthorizationPlatformPublicKeyCredentialRegistration: let attestationObject = registration.rawAttestationObject let clientDataJSON = registration.rawClientDataJSON // Verify on your server and finish creating the account. case let assertion as ASAuthorizationPlatformPublicKeyCredentialAssertion: let signature = assertion.signature let clientDataJSON = assertion.rawClientDataJSON // Verify on your server and finish signing in. case …: … } }
-