Passkeys and FIDO-based authentication are widely recognized as a major step forward in eliminating phishing and reducing reliance on passwords. Yet many enterprise initiatives struggle to move beyond pilots into sustainable, large‑scale deployment.
This session focuses not on why passkeys matter, but on how to deploy and operate them successfully in real enterprise environments. Drawing on field experience from large organizations, we explore the operational challenges that often slow adoption: fragmented enrollment processes, inconsistent policies, lost or locked authenticators, helpdesk overload, and the lack of visibility across the authenticator lifecycle.
Attendees will learn practical best practices for accelerating passkey adoption while maintaining control, including centralized policy management, secure enrollment models (IT-assisted and self-service), lifecycle events such as revocation and recovery, and the importance of auditability and inventory tracking for compliance and operations teams. We will also discuss how passkeys can coexist with existing identity providers and legacy authentication methods without disrupting users or IT workflows.
This talk is designed for CISOs, IAM leaders, and security architects looking to move from experimentation to enterprise-grade passkey programs that scale securely, reduce operational friction, and deliver on the promise of phishing-resistant authentication.