Here at Duo, we think about authentication a lot. We’re constantly on the lookout for new techniques and technologies that will make it easier for users to authenticate, more difficult for attackers to impersonate a user, or both at once. WebAuthn is a great example of this. But in this article, we’d like to avoid focusing on bad auth, and instead focus on uncertain auth. We evaluate all the latest auth methods and their pros and cons.
What a big year for passwordless! Since March, the World Wide Web Consortium (W3C) and Fast Identity Online Alliance (FIDO) have come together to declare that Web Authentication (WebAuthn) is now an official global web standard. Learn about the technical aspects of WebAuthn as I guide you in this step-by-step video tutorial.
There's been a massive amount of progress made by both vendors and the authors of Web Authentication to bring this spec into usage in browsers and websites - here's what's new in WebAuthn and FIDO2.
James Barclay and Nick Steele recently shared their thoughts on a passwordless future during a Twitter chat with Yubico. Get their insights on the pain points of passwords, their hopes for the future, and explore some of our resources around industry advancements paving the way, like passwordless authentication, multi-factor authentication and WebAuthn.
Learn about Web Authentication, a credential management API built into popular browsers, that allows users to authentication easily, with strong encryption.