After an extensive test phase, SCC now also offers a password-free procedure based on passkeys for all KIT accounts for logging into the central Web Single Sign-On (SSO).
Passkeys significantly increase the level of security
To log in with a passkey, personal devices such as notebooks, smartphones and USB authentication sticks are linked to your own account and the login service used. The device then only needs to be unlocked using a fingerprint, facial recognition or PIN to log in. This offers increased convenience and security compared to conventional methods with user IDs and passwords.
The following principles improve security:
- A cryptographic key pair is created on the registered device. The private key remains in the device and cannot be read out. Only this private key matches the public key that is stored when registering with the SSO service.
- During registration, the passkey on the authenticating device is linked to the domain for which it is issued, so that phishing attacks from cleverly disguised third-party domains (e.g. kit.de) are no longer possible.
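The domain binding described in the second principle shows up in the checks a login service makes on a WebAuthn response. The following Python code is an added example, not SCC's code: the RP ID `kit.edu`, the origin `https://sso.kit.edu`, the look-alike host `https://sso.kit.de` and all function names are assumptions, the browser and authenticator are replaced by a constructed stand-in, and signature verification with the stored public key is left out.

```python
import base64, hashlib, json, os

RP_ID = "kit.edu"                       # assumed relying-party ID
ALLOWED_ORIGIN = "https://sso.kit.edu"  # hypothetical SSO origin

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def browser_assertion(page_origin: str, rp_id: str, challenge: bytes):
    """Constructed stand-in for what browser and authenticator return.
    The browser, not the page, fills in origin and scopes rp_id to it."""
    client_data = json.dumps({"type": "webauthn.get",
                              "challenge": b64url(challenge),
                              "origin": page_origin}).encode()
    # authenticatorData: rpIdHash (32 bytes) | flags (1) | signCount (4)
    flags = 0x01 | 0x04  # user present, user verified
    auth_data = (hashlib.sha256(rp_id.encode()).digest()
                 + bytes([flags]) + (1).to_bytes(4, "big"))
    return client_data, auth_data

def check_binding(client_data: bytes, auth_data: bytes, challenge: bytes):
    """Server-side checks; returns the list of failed checks."""
    cd = json.loads(client_data)
    failed = []
    if cd.get("type") != "webauthn.get":
        failed.append("type")
    if cd.get("challenge") != b64url(challenge):
        failed.append("challenge")
    if cd.get("origin") != ALLOWED_ORIGIN:
        failed.append("origin")
    if len(auth_data) < 37 or auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        failed.append("rpIdHash")
    elif not auth_data[32] & 0x01:
        failed.append("user-presence")
    return failed

if __name__ == "__main__":
    challenge = os.urandom(32)  # fresh per login attempt
    for origin, rp in [(ALLOWED_ORIGIN, RP_ID), ("https://sso.kit.de", "kit.de")]:
        cd, ad = browser_assertion(origin, rp, challenge)
        print(origin, "->", check_binding(cd, ad, challenge) or "binding ok")
```

In a real login the authenticator would hold no credential for the RP ID `kit.de` at all, so the server-side check is a second barrier behind the device's own scoping.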
The service description contains all information on how to set up the passwordless procedure recommended by SCC at KIT.