In this talk I’ll discuss the history and weaknesses of passwords, and how the Web Authentication spec attempts to solve these problems with public-key cryptography. I’ll give code samples describing the basic implementation on the server and client. I’ll describe the user-experience and engineering challenges faced by my team in integrating the Web Authentication API into our product. I will conclude with thoughts on the prospects of Web Authentication, and why I feel it could have a significant impact on the way developers and users think about security.
Suby Raman is a multimedia artist and full-stack software engineer, working for Duo Security out of Ann Arbor, Michigan. At Duo he has helped drive development of passwordless authentication and phishing assessment tools. He has an avid interest in GPU programming to create interesting visual experiences, using platforms like WebGL and TouchDesigner.
He hopes to one day create great art with data generated from his cat.