Platforms 42. Passkeys Assess The “end of passwords” might be near, finally. Shepherded by the FIDO alliance and backed by Apple, Google and Microsoft, passkeys are nearing mainstream usability. When setting up a new login with passkeys, a key pair is generated: the website receives the public key and the user keeps the private key. Handling login uses asymmetric cryptography. The user proves that they’re in possession of the private key, but, unlike passwords, it’s never sent to the website. On users’ devices, access to passkeys is protected using biometrics or a PIN. Passkeys can be stored and synced within the Big Tech ecosystems, using Apple’s iCloud Keychain, Google Password Manager or Windows Hello. In most cases this works only with recent OS and browser versions. Notably, storing passkeys in Windows Hello is not supported on Windows 10. Fortunately, though, the Client to Authenticator Protocol (CTAP) makes it possible for passkeys to be kept on a different device other than the one that creates the key or needs it for login. For example, a user creates a passkey for a website on Windows 10 and stores it on an iPhone by scanning a QR code. Because the key is synced via iCloud the user can log in to the website from, say, their MacBook. Passkeys can be stored on hardware security keys, too, and support for native apps has arrived on iOS and Android. Despite some usability issues — for example, Bluetooth needs to work because device proximity is checked when a QR code is scanned — passkeys are worth considering. We suggest you experiment with them on passkeys.io to get a feeling for their usability. 43. Spin Assess Spin is an open-source platform for building and running microservices in WebAssembly (WASM). In previous editions of the Radar, we talked about WebAssembly in the context of browsers, but we’re now witnessing the penetration on the server side due to its capabilities for fine-grained sandboxing, cross-language interoperability and hot reloading. With Spin CLI, you can quickly create and distribute WebAssembly microservices in Rust, TypeScript, Python and TinyGo. We’re excited about Spin, and we recommend you carefully assess it as it moves out of early preview. 44. Denodo as primary data transformation tool Hold Denodo is a data virtualization tool that aims to make it easier to expose and secure transformed, consumer-friendly data (from multiple underlying data sources and through a variety of interfaces) from one platform. Data transformations within Denodo can be defined by creating virtual databases and views using a SQL-like language called VQL which are executed when a user queries the virtual database. Underneath, Denodo can delegate queries on the virtual databases against one or multiple underlying databases. Although Denodo makes it easy to start exposing consumer-friendly data, performance degrades as layers of views and virtual databases are built on top of each other and queries with multiple joins start hitting multiple underlying databases. These problems are solvable, but they require fairly deep knowledge of the product’s behavior and performance tuning options. Because of these drawbacks and given its limited support for unit testing, we recommend that you do not use Denodo as a primary data transformation tool and use tools like Spark or SQL (with dbt) for your data transformations instead. © Thoughtworks, Inc. All Rights Reserved. 26
Immersive Experience — Vol 28 | Thoughtworks Technology Radar Page 25 Page 27