Passkeys

Passkeys represent a modern and simplified approach to secure user authentication. Unlike traditional passwords, which require the user to remember and enter a series of characters, passkeys use a public key cryptographic model to authenticate users. They are designed to make the login process more seamless and secure, reducing the reliance on passwords that can be forgotten, stolen, or phished.

At a high level, passkeys work by creating a pair of cryptographic keys, one stored securely on the user’s device (private key) and one stored on the Infor server (public key). When you log in, the service verifies the private key through your biometric authentication, such as a like fingerprint or facial recognition, or a PIN. Since the private key never leaves the device, passkeys provide a highly secure and phishing-resistant authentication method.

If the administrator has enabled the Passkey feature, passkeys become available for all Cloud Identity users. Passkeys provide an additional layer of security during the login process. To authenticate you, the server requests your device to prove it possesses the private key associated with the stored public key. Passkeys authenticate through biometrics or a PIN and use both a public key and a private key. The public key is shared with the service provider, while the private key is stored securely on your device. Passkeys provide enhanced protection against credential theft methods such as phishing attacks and database leaks.

Once the administrator has enabled the Passkey feature for the tenant, Passkeys will become available for Cloud Identity users. Passkeys provide an additional layer of security during the login process. To authenticate, the server requests the user's device to prove it possesses the private key associated with the stored public key. Users utilizing Passkeys will authenticate through biometrics or a PIN. Passkeys involve the use of a pair of cryptographic keys: a public key and a private key. The public key is shared with the service provider, while the private key is stored securely on the user’s device. Passkeys are resistant to common credential theft methods, such as brute force attacks or database leaks.

Security benefits of using passkeys over passwords

Passkeys offer several advantages over traditional password-based authentication, including:

  • Phishing resistance: Passkeys eliminate the need for users to enter passwords, making them immune to phishing attacks.
  • No credential reuse: Since passkeys are unique to each site, users cannot reuse them across different applications, reducing credential-stuffing risks.
  • Eliminates password-based attacks: No risk of brute force, dictionary, or credential stuffing attacks, as passkeys do not rely on shared secrets.
  • Seamless user experience: Users can authenticate using biometrics (fingerprint, facial recognition), PIN, or a FIDO2 security key, improving ease of access without compromising security.
  • Multi-device synchronization: In supported ecosystems, passkeys are securely stored and synchronized across devices, allowing seamless login experiences.

Passkey enablement

Administrators assigned the Infor-SystemAdministrator or IFSApplicationAdmin security roles can enable and disable the Passkey feature. The Enable access using Passkey for Infor Cloud Identities setting is located within the Infor Cloud Identities Configuration user interface. Navigate to Security (Infor OS) application > Security Administration > Settings > Infor Cloud Identities > Configuration. To save the changes and apply the new feature to the Cloud Identities sign-in page, click the save icon in the top-left corner of the page.

Passkeys are available to all users who have access to Infor Cloud Identities.