Most security experts would agree that password-based authentication is dead. The FIDO2 standard aims to replace passwords entirely and there is a good deal of chance that it will succeed. It has gained significant momentum in the past year, as key players like Microsoft, Apple, Google, and Mozilla started to jump on board. This talk will provide a technical overview of the FIDO2 and W3C WebAuthn standards, with the main focus being placed on mapping the current hardware and software support and the possibilities and limitations of today’s implementations. Best practices, including security token lifecycle management, will also be covered.