Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
1. Classification: Public
Merck operates as EMD Group in the U.S. and in Canada.
Andreas Pellengahr
Merck KGaA, Darmstadt, Germany
Paris, April 10th, 2024
Moving Beyond Passwords
Own your passkeys, authentication, onboarding & recovery
Credentials
Store your passkeys in your own FIDO server
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
Only Password: Self-Controlled Password (AD)
Password & 2FA: SMS, Call, Authenticator App (Azure AD) + Self-Controlled Password (AD)
Passkey: Self-Controlled Passkey (Thales, StrongKey, etc.) / Foreign Passkey (Thales, Microsoft, Google, Okta, etc.)
Decision
Authentication
Sign in exclusively with Passkeys - Advanced Protection
Only Passkeys.
Password + MFA is not available.
For all human accounts.
Standard & Privileged.
For all apps.
Account-based rule.
Onboarding and Recovery
Enforce secure verification mechanisms
Always verify
No manual workarounds. Not even by admins.
Only trust verified physical assets
SimCard-Check, Passkey-of-colleague, etc.
Don’t trust a single verification
SimCard-Check + Password, etc.