Phishing-resistant MFA protects one moment: the login. Attackers have noticed. 
They've moved to the enrollment flow, the helpdesk ticket, the session cookie, and the fallback flow that uses a password. 

This session examines architecting phishing resistance as a system-wide property — not a point-in-time event. We'll cover identity verification at enrollment and recovery, proximity-based authentication where hardware tokens aren't viable, architectures that remove passwords entirely, session theft protection, and carrying phishing-resistant trust into environments that don't natively support it. 

Ultimately, this session will cover where gaps in protection are today and what closing them (in real life) looks like. 

Session Presented by: