Phishing-resistant authentication is shifting from optional to mandatory. Not only are attackers using phishing as the primary mechanism to evade traditional forms of MFA, but they are also evolving their attacks to find ways around implementations where phishing-resistant auth is only preferred and not enforced. The road to deploying passkeys, Windows Hello for Business and Mac Platform SSO looks easy enough in the Microsoft docs, but what does it look like to implement them as mandatory across a workforce?
In this session we’ll cover how we went from a handful of FIDO2 keys to phishing-resistant authentication across our enterprise in Entra ID at breakneck speeds. We’ll explore the ins-and-outs from a technical and organizational perspective of the implementation, the gotchas we hit along the way, and how we overcame them. We’ll cover edge case scenarios, and how deploying passkeys is just part of the bigger equation to going phishing-resistant. We’ll also examine phishing attack trends we were seeing, which helped inform and shape policy so that phishing-resistant authentication isn’t an option – it’s the only option.
Throughout his 26-year career in the IT field, Eric has sought out and held a diverse range of roles. Currently the Chief Identity Architect for Semperis; Eric previously was a member of the Security Research and Product teams. Prior to Semperis, Eric worked as a Security and Identity... Read More →
Saturday September 12, 2026 11:00am - 12:00pm CDT Swissôtel Chicago323 E Wacker Dr, Chicago, IL 60601, USA
