Your Passkey is Weak - Phishing the Unphishable

Explore a critical security vulnerability in this 24-minute DEF CON 33 conference talk that challenges the widely-held belief that passkeys are immune to phishing attacks. Learn how synced passkeys, despite being marketed as "phishing-resistant," can actually expose organizations to new security risks through a demonstrated phishing attack methodology. Discover the technical details behind exploiting passkey weaknesses and gain practical guidance on implementing responsible passkey usage policies to protect your organization from these emerging threats.