Beyond Passwords: How WebAuthn Actually Works in 2 Minutes • Eli Holderness • GOTO 2023

This presentation was recorded at GOTO Amsterdam 2023. #GOTOcon #GOTOams Eli Holderness - Developer Advocate & Professional Nerd @eliholderness2428 Check out the full talk: RESOURCES @eli ABSTRACT Passwords are a pain, and we all know it. They’re either insecure or impossible to remember, and password managers can only go so far. How can we do better? The answer is WebAuthn. WebAuthn is set of standards that allows you to use hardware authentication tokens (like a YubiKey) to authenticate with web services, and it’s absolutely magic. Join me for a deep dive on what WebAuthn actually is, how it works, and how to implement it in your own web services. We’ll also discuss the practicalities of using hardware tokens in practice, the protocols they use to interface with your devices, and the mysterious cryptography that they use to keep you safe. [...] Read the full abstract here: RECOMMENDED BOOKS Liz Rice • Container Security • Liz Rice • Kubernetes Security • Aaron Parecki • OAuth 2.0 Simplified • Aaron Parecki • OAuth 2.0 Servers • Aaron Parecki • The Little Book of OAuth 2.0 RFCs • Erdal Ozkaya • Cybersecurity: The Beginner’s Guide • Richer & Sanso • OAuth 2 in Action • #Privacy #PasswordSecurity #WebAuthn #Passwords #Security #CyberSecurity #YubiKey #EliHolderness #SoftwareEngineering #Programming #EliHolderness #GOTOByteSized #ByteSized Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at Sign up for updates and specials at SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.