Passwordless Authentication Using the TKey Device

Abstract

In our increasingly connected digital world, secure access to online services is very important. With the rise of data breaches, phishing attacks, and password reuse, the demand grows for authentication methods that are both highly secure with ease of use. This thesis explores a secure authentication system that removes traditional passwords in favor of using the TKey device, a hardware security token that employs asymmetric cryptography and dynamic key generation. This study covers the necessary theoretical background, the design and implementation of the authentication system, and an analysis of potential security risks. An agile development approach was used to build and test a working prototype, with evaluations made through unit, and usability tests. Additionally, the work discusses the societal and ethical considerations of deploying such technology, including accessibility and data handling, and suggests practical directions for future improvements.