Knogin
[Módulos Principales]

Authentication: Passwordless Passkeys and WebAuthn

Passwordless Authentication delivers FIDO2/WebAuthn-based passkey authentication with biometric verification and hardware token support.

Metadatos del modulo

Passwordless Authentication delivers FIDO2/WebAuthn-based passkey authentication with biometric verification and hardware token support.

Volver a la Lista

Referencia de origen

content/modules/auth-passwordless-passkeys.md

Última Actualización

23 feb 2026

Categoría

Módulos Principales

Checksum de contenido

9361f5032a3c6714

Etiquetas

modulescomplianceblockchain

Documentacion renderizada

Esta pagina renderiza Markdown y Mermaid del modulo directamente desde la fuente publica de documentacion.

Overview#

Passwordless Authentication delivers FIDO2/WebAuthn-based passkey authentication with biometric verification and hardware token support. The platform eliminates passwords while achieving high authentication success rates and sub-second login times. Organizations can deploy phishing-resistant, passwordless authentication using platform authenticators (Face ID, Touch ID, Windows Hello), cross-platform authenticators (USB security keys, NFC devices), and hardware tokens (YubiKey, Titan Security Key).

Key Features#

Passkey Registration and Management#

Register passkeys in under 30 seconds using biometric sensors or hardware tokens. Support for multiple credentials per user for backup and multi-device access. User-friendly management interface for renaming, deleting, and prioritizing registered passkeys.

Biometric Authentication#

Native platform biometric integration with Face ID, Touch ID, Windows Hello, and Android biometric APIs. Platform-level liveness detection and secure enclave storage ensure private keys never leave the device. Sub-second authentication from credential presentation to session establishment.

Hardware Token Support#

Full support for FIDO2 security keys including YubiKey (all models), Google Titan, Feitian, and Thetis devices. Hardware tokens provide physical-presence authentication for high-security environments and serve as backup credentials for account recovery.

Cross-Platform Passkeys#

Authenticate on desktop using passkeys stored on mobile devices via FIDO2 cross-platform authentication with secure QR code and Bluetooth pairing. Works across Chrome, Safari, Edge on Windows, macOS, iOS, and Android.

Account Recovery#

Multiple recovery methods without security questions or email resets: backup passkeys, synced credentials via iCloud Keychain or Google Password Manager, admin-assisted recovery with multi-factor identity verification, and offline recovery passkeys for complete device loss scenarios.

Zero Phishing Risk#

Public-key cryptography with origin binding prevents credential theft and replay attacks. Private keys are generated and stored in device hardware security modules and never transmitted to the server.

Use Cases#

  • Enterprise Authentication: Replace password-based login with phishing-resistant biometric authentication across the organization while maintaining compliance with NIST 800-63B AAL3.
  • High-Security Operations: Hardware token enforcement for administrative access, financial transactions, and classified information handling.
  • Multi-Device Workers: Authenticate seamlessly across personal and work devices using synced passkeys or cross-platform QR code authentication.

Integration#

Available through authentication API with registration and verification operations. Supports FIDO2 Level 2 certification, NIST 800-63B AAL3, and PCI DSS SCA compliance. Complete audit logs for every passkey action with configurable retention policies.

Last Reviewed: 2026-02-23