5.1.4 Passkeys (WebAuthn)

Overview

Thinfinity® Workspace currently supports authentication via passkeys — a digital credential designed to replace traditional passwords for logging into websites and applications. This method is based on public-key cryptography.

To use this method, the device must have an unlock mechanism configured, such as a PIN or a biometric option (face or fingerprint recognition).

Key Benefits of Passkeys

No need to remember, type, or manage passwords.

• Enhanced security:

  • Phishing-resistant: Passkeys are tied to a specific website. If someone tries to use them on a phishing site, they simply won’t work, protecting you from such attacks.

  • Immune to data breaches: Since private keys never leave your device and are not stored like passwords in a database, passkeys are much more resistant to security breaches.

  • Eliminates password reuse: With no password to reuse, this common attack vector is removed.

• Cross-device sync: Many passkeys (such as those from Google or Apple) can securely sync across devices within the same ecosystem, allowing you to access your accounts from any trusted device without repeated configuration.

• Privacy: Your biometric data (fingerprint or facial recognition) never leaves your device. It is only used locally to unlock the private key.

Configure Passkey on Thinfinity Workspace

Passkeys can currently be configured through the Thinfinity Workspace Web Manager by navigating to the user profile Settings tab > Authentication > Authentication Methods tab > Add > Passkey.