This blog post is the second in a series focusing on credential phishing. Previously, in the blog The Need for Phishing-Resistant Multi-Factor Authentication, Mukul Hinge explained how threat actors are becoming more sophisticated, using various tools to overcome mitigations. Today’s post digs into the inner workings of Okta FastPass, explaining how it serves to provide strong phishing resistance and device assurance. It’s been about eight months since we made Okta FastPass generally available (GA) to all Okta customers on Okta Identity Engine (OIE). Okta FastPass is deployed at scale, and organizations see over 4 million monthly passwordless authentications. Okta customers like Intercom, Rubrik, and NTT DATA have enabled this frictionless passwordless experience for their end users. What is Okta FastPass? FastPass is a cryptographic multi-factor authenticator that provides passwordless authentication to any SAML, OIDC, or WS-Fed apps in Okta. It is a device-bound authenticator, meaning.