Passkeys are the latest revolution in web authentication. You may have used it with Google or GitHub. But what exactly is it and how does it work? You will learn all about passkeys in this talk. Software technology has seen leaps and bounds, but we are still relying on passwords when it comes to authentication and security. Weak passwords remain one of the major causes of breaches and security incidents. WebAuthn, the Web Authentication standard, provides a robust framework for passwordless authentication on the web using passkeys. By leveraging public key cryptography and a variety of authentication factors, including biometrics and hardware tokens, passkeys offer enhanced security and usability while eliminating the vulnerabilities associated with traditional password-based systems. In this talk, we will dive into the core concepts of passkeys, its architecture, key components, and pros and cons. We will explore how Java developers can leverage WebAuthn Java libraries to implement passkeys within their applications. We will also learn to use passkeys with Spring Security and external Identity providers. We will see practical examples and code snippets, demonstrating step-by-step integration of passkeys into Java-based web applications.