All news with #webauthn tag

Amazon DCV 2025.0 Adds WebAuthn, ARM, and Keyboard Support

🔒 Amazon DCV 2025.0 is the latest release of the high-performance remote display protocol, delivering enhanced security and productivity for virtual desktop and application sessions. The update adds WebAuthn redirection on Windows and browser-based WebAuthn on Linux to enable security-key authentication in native and SaaS apps, plus server-side keyboard layout handling and alignment for Windows clients to improve input consistency. Other improvements include Linux client support for ARM, Windows Server 2025 host compatibility, and scroll wheel optimizations for smoother navigation. See AWS documentation and the DCV product page for full release notes.

Synced Passkeys: Enterprise Risks and Mitigations Guide

🔒 The article warns that deploying synced passkeys introduces enterprise exposure because they inherit risks tied to cloud accounts and recovery processes. It highlights practical attack vectors — including AiTM-based authentication downgrades and malicious browser extensions — that can bypass or capture passkeys. The author recommends mandatory use of device-bound, hardware-backed authenticators and strict enrollment and recovery controls to preserve phishing-resistant access.