Passkeys for improved UX and security

This 2FA system integrates with passkeys to make the user experience seamless while also increasing security for the user.

Passkeys are gaining popularity as a phishing-resistant passwordless approach to user authentication.

  • As a FIDO credential, a passkey is a key pair that uses standard public key cryptography to prove a user's identity without sharing any secrets.

  • A passkey is bound to both a user account and a website or application. This means that when a new passkey is created, it is automatically associated with the user ID and the Relying Party ID — typically its domain, in the case of a website.

  • Passkeys are discoverable. This means that they can be automatically detected and used by clients to perform user authentication. When the user initiates the authentication process, the authenticator doesn't need to know the user's ID. It uses the relying party ID to find the correct passkey to authenticate against that website. This frees the user from having to enter their user ID and ensures that a bad actor can't trick them into signing in to a fake website.
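
The following added example, which is not code from this 2FA system, shows the server-side checks a relying party runs to enforce the binding described above: the origin and challenge in clientDataJSON, and the rpIdHash and user-present flag in authenticatorData. RP_ID, ALLOWED_ORIGINS, the function names and the sample values are assumptions constructed for illustration. Verifying the assertion signature with the stored public key is a separate step that is not shown.

```python
import base64
import hashlib
import json

RP_ID = "example.com"                      # assumed Relying Party ID
ALLOWED_ORIGINS = {"https://example.com"}  # assumed origins served under that RP ID

def b64url(data):
    """Base64url without padding, as WebAuthn encodes the challenge."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def check_rp_binding(client_data_json, authenticator_data, expected_challenge):
    """Return the names of failed checks; an empty list means the binding holds."""
    try:
        client = json.loads(client_data_json)
    except ValueError:
        return ["client_data"]
    if not isinstance(client, dict):
        return ["client_data"]
    errors = []
    if client.get("type") != "webauthn.get":
        errors.append("type")
    if client.get("challenge") != b64url(expected_challenge):
        errors.append("challenge")
    origin = client.get("origin")
    if not isinstance(origin, str) or origin not in ALLOWED_ORIGINS:
        errors.append("origin")
    # authenticatorData: 32-byte rpIdHash, 1 flags byte, 4-byte signature counter
    if len(authenticator_data) < 37:
        return errors + ["authenticator_data_length"]
    if authenticator_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        errors.append("rp_id_hash")
    if not authenticator_data[32] & 0x01:  # bit 0 = user present (UP)
        errors.append("user_present")
    return errors

def make_sample(origin, rp_id, challenge, flags=0x05):
    """Constructed sample: what a client would report for the given site."""
    client = json.dumps({"type": "webauthn.get", "origin": origin,
                         "challenge": b64url(challenge)}).encode()
    auth = hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + (1).to_bytes(4, "big")
    return client, auth

if __name__ == "__main__":
    challenge = bytes(range(32))  # constructed; a real server uses random bytes per login
    print(check_rp_binding(*make_sample("https://example.com", "example.com", challenge), challenge))
    print(check_rp_binding(*make_sample("https://example-login.test", "example-login.test", challenge), challenge))
```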
