Introduction to Web Authentication
About this courseSkip About this course
This course introduces developers to the W3C’s Web Authentication (WebAuthn) API, which provides the tools to replace usernames and passwords in favor of hardware-backed, cryptographically secure authentication.
Learners will explore basic concepts such as registration and authentication, and how WebAuthn thwarts modern attacks such as phishing to ensure security and privacy.
After becoming familiar with WebAuthn buiding blocks, such as authenticators, clients, and replying parties, learners will move on to standing up a WebAuthn server and learning the different flows supported by WebAuthn.
Finally, students will review guidance and recommendations for operating a WebAuthn environment, capping off the course with an interactive project giving developers a solid foundation to secure assets and contemplate a passwordless future.
At a glance
- Institution: W3Cx
- Subject: Computer Science
- Level: Introductory
- Security key and/or Chrome authenticator (free tool that works on Chrome browser)
- Have a working instance of Git and Docker
- Language: English
- Video Transcript: English
- Associated skills: Application Programming Interface (API), Authentications, Phishing
What you'll learnSkip What you'll learn
- What is Web Authentication (a.k.a WebAuthn)
- Key WebAuthn concepts
- How to create and use Web Authentication credentials
- Construction of a server infrastructure
- Understand and deploy server side requirements
Module 1: Introduction to Web Authentication
After completing this module, students will have an understanding of why developing WebAuthn solves issues plaguing current authentication options. Students get a high-level view on how WebAuthn works on the web, along with a look at the code required to support a WebAuthn server.
Module 2: Deploying a WebAuthn server
This module is about deploying a sample WebAuthn Web implementation. It includes hands-on experience with WebAuthn, both in deploying a bare-bones WebAuthn server, as well as integrating WebAuthn into a larger context. Students will replace a username and password log-in using a sample WebAuthn architecture. By the end of this module, students will have the experience necessary to utilize WebAuthn in new deployments as well as retro-fitting existing services