Web Authentication

  • Thread starter
  • Moderator
  • #1

MagicalAzareal

Magical Developer
Joined
Apr 25, 2019
Messages
510
This is somewhat interesting, instead of logging in with a password, you would instead use public key cryptography instead. The key itself would be stored in a hardware device like a Yubikey or in your OS. I'm not quite sure how backing up the keys would work.

This means that if you're compromised, then all an attacker would get is the public keys for users (as you never stored their password, even as a hash) which are useless to them and users would also have a unique public key for each site.

Web Auth could also double as a 2FA factor in a conventional system with a password.
 

Joel R

Fan
Joined
Nov 24, 2013
Messages
737
Invision Community has a third-party app for Web Authentication released since December 2019:

 
Top