Going Passwordless at Stanford

Tuesday, August 21 | 2:35PM–3:00PM ET
Session Type: Virtual
In realizing our long-term vision of strong user authentication coupled with endpoint security posture enforcement at Stanford, we are now deploying the final component: client certificates that identify both the user and the device. We'll do a deep dive into the underlying systems, while highlighting lessons we learned along the five-year journey. Join us to hear this rare story of dramatically improving security and user experience simultaneously, and learn how you can replicate this success.

Outcomes: Understand the benefits of identity-aware, application layer endpoint security posture enforcement coupled with client certificate-based authentication * Learn how to architect the systems necessary to implement your own version of Stanford's MyDevices and device-specific user certificates * Explore the keys to a successful implementation along with the potential pitfalls


  • Michael Duff

    CISO and Chief Privacy Officer, Stanford University

Resources & Downloads

  • Slides

    1 MB, pdf - Updated on 8/23/2018
  • Transcript

    40 KB, docx - Updated on 8/23/2018
  • Recording

    Updated on 7/14/2021