Thanks for the explanation and I have doubts while use webauthn. 1. In smartphone(android) device where the private key are stored can I able to view. 2. Why Bluetooth connection is needed while scanning the QR code to login (authenticate)
Hey Agilan, great questions! 1. The private key is stored on the devices TPM or Trusted Platform Module and the private key can't be viewed for security concerns. 2. Bluetooth is necessary to ensure the devices are in close proximity to each other
@@WillJohnsonioIt's a cool development that takes the process flow behind hardware security keys like Yubikeys and adapts it to phones. Instead of connecting the phone to a computer using USB like with a typical hardware key, Bluetooth is used because it's more convenient. The key (pun intended) is to have the login computer and authenticating device in physical proximity so someone else in another country can't use your username and password to log in.
Thanks for watching our WebAuthn video. You can follow our WebAuthn Developer Labs with any of our client application code samples. WebAuthn with FIDO Security Keys Lab: developer.auth0.com/resources/labs/authentication/webauthn-with-fido-security-keys#introduction WebAuthn with Biometrics Lab: developer.auth0.com/resources/labs/authentication/webauthn-with-biometrics#introduction Client Code Samples: developer.auth0.com/resources/code-samples/spa Please let us know if you have any questions or feedback. Thanks!
Solve the key storage limitation (and inability to store keys at all) and it will be useful. Until then, it's just not going to be viable, long-term solution.
Not sure if you get this message, very good video. I have been trying trying to build a web auth that uses yubikeys, for a weeks for university project. Could you help in anyway please, as I am really stuck. 😢
Good explanation. It’s about time websites start implementing webauthn imho.
Thanks for the explanation and I have doubts while use webauthn.
1. In smartphone(android) device where the private key are stored can I able to view.
2. Why Bluetooth connection is needed while scanning the QR code to login (authenticate)
Hey Agilan, great questions!
1. The private key is stored on the devices TPM or Trusted Platform Module and the private key can't be viewed for security concerns.
2. Bluetooth is necessary to ensure the devices are in close proximity to each other
@@WillJohnsonioIt's a cool development that takes the process flow behind hardware security keys like Yubikeys and adapts it to phones. Instead of connecting the phone to a computer using USB like with a typical hardware key, Bluetooth is used because it's more convenient. The key (pun intended) is to have the login computer and authenticating device in physical proximity so someone else in another country can't use your username and password to log in.
interesting, any actual code implementation that you can demonstrate?
Thanks for watching our WebAuthn video. You can follow our WebAuthn Developer Labs with any of our client application code samples.
WebAuthn with FIDO Security Keys Lab:
developer.auth0.com/resources/labs/authentication/webauthn-with-fido-security-keys#introduction
WebAuthn with Biometrics Lab:
developer.auth0.com/resources/labs/authentication/webauthn-with-biometrics#introduction
Client Code Samples:
developer.auth0.com/resources/code-samples/spa
Please let us know if you have any questions or feedback. Thanks!
This was super helpful. Thanks!
You're welcome
Solve the key storage limitation (and inability to store keys at all) and it will be useful. Until then, it's just not going to be viable, long-term solution.
Not sure if you get this message, very good video. I have been trying trying to build a web auth that uses yubikeys, for a weeks for university project. Could you help in anyway please, as I am really stuck. 😢
Can a webapp get webauthn
simplewebauthen
yeah this dude definitely watch naruto