Going Passwordless at Stanford (Part II)

Wednesday, May 15 | 8:00AM–9:00AM CT | Vevey 1-2, Second Floor Event Centre
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Realizing our long-term vision of strong user authentication coupled with endpoint security posture enforcement at Stanford, last year we deployed the final component: client certificates that strongly authenticate both the user and the device. We'll describe the underlying systems and key design decisions while highlighting lessons we learned along our six-year journey. Join us to hear this rare story of dramatically improving security and user experience simultaneously, and learn how you can replicate this success with a fraction of the resources. This is a continuation of last year’s talk, with a focus on our deployment over the past year.

Outcomes: Understand the benefits of identity-aware, application layer endpoint security posture enforcement coupled with client certificate-based authentication * Learn how to architect the systems necessary to implement your own version of Stanford's Cardinal Key service * Explore the keys to a successful implementation and rollout along with the potential pitfalls


  • Michael Duff

    CISO and Chief Privacy Officer, Stanford University

Resources & Downloads

  • Going Passwordless at Stanford

    Updated on 11/21/2022