WebAuthn from W3C and FIDO Alliance - What You Need To Know

June 13, 2019
In March, 2019, the World Wide Web Consortium (W3C) and the FIDO Alliance announced the specifications for the official web standard for Web Authentication or WebAuthn for short. WebAuthn is the second major component that, along with Client to Authenticator Protocol (CTAP), makes up the FIDO2 standard. FIDO2 is a standard that enables users to leverage common devices to perform authentication functions for online services rather than relying on a user’s knowledge. WebAuthn is the API that enables the creation and use of public key-based credentials by web applications. The idea is that ‘something a user is’ can be used to authenticate themselves. Something a user is can be several methods, including mobile devices, biometrics or security keys. This is in lieu of traditional usernames and passwords.
Previous Video
Zoom Security Flaw for Macs
Zoom Security Flaw for Macs

It was discovered that Zoom Video Communications (Zoom) had a major security flaw in how their video messag...

Next Video
Verizon's DBIR 2019 - What Matters to Application Security?
Verizon's DBIR 2019 - What Matters to Application Security?

The annual Verizon Data Breach Investigations Report is out again. This is considered the breach bible and ...