Brett Winterford and Harish Chakravarthy demonstrate to host Patrick Gray how Okta can be used for passwordless authentication. These phishing resistant authentication flows — even if they are not rolled out to all users — can also be used as a high-quality signal of phishing attempts that can be used to trigger automated follow-on actions.

00:00 - Start
00:07 - Introductions
01:11 - Demo Overview
02:34 - Device-bound authentication
05:19 - Okta dashboard overview
06:11 - Authenticators
07:03 - Passwordless authentication policies
07:51 - Creating a new user
08:56 - Enroll FIDO2 key
11:38 - Touch ID enrollment
14:21 - Phishing resistance
16:45 - Phishing detection workflows
18:44 - Event hooks
20:30 - False positive checks
20:53 - Event history
22:14 - Authentication reset flows
23:25 - Slack notifications
24:28 - Using phishing resistance as a signal