Session Abstract: Authentication is solved, right? We have the best standards ever to cope with every single use case, such as authentication delegation with OIDC, phishing-resistant authentication with FIDO2, device flow for IoT devices, CIBA to decouple access device and authentication device, and so on.
So it's just a matter of throwing all this to IT and calling it a day, right? Of course that's not right. This session will show where authentication does not work out of the box, using some very real and not-so-edge cases. We're talking factory workers, retail workers, healthcare professionals, desktop clients, shared sessions, single sign-on across desktop clients as well as web clients, and even workstation sign-in.
In each of these situations, we tried to design working solutions to resolve current difficulties, using standards and available market solutions when possible. This session will describe a few of the designs we came up with, all of which are now used by thousands (and some by millions) worldwide.