Bypass Resistance - The New Passkey Strategy Beyond Phishing Resistance

Learn how to build bypass-resistant security beyond traditional passkey implementations in this 20-minute conference session from Microsoft Ignite 2025. Explore real-world bypass attack examples including incidents at Uber and MGM, then discover how attackers exploit vulnerabilities in help desk operations, enrollment processes, and self-service recovery systems to circumvent multi-factor authentication entirely. Examine the collaboration between RSA and Microsoft to secure the complete credential lifecycle and identify critical blind spots that threat actors commonly target. Watch a comprehensive demonstration of secure MFA enrollment and identity proofing processes, including password reset procedures through company verification URLs and authentication via conditional access policies. Gain insights into building a comprehensive security posture that addresses both phishing resistance and bypass resistance, with practical strategies for protecting against sophisticated social engineering attacks that target organizational weak points beyond technical authentication mechanisms.