0Pricing
Cryptology Academy · Lesson

Passwordless Auth: WebAuthn and FIDO2

Explore the W3C WebAuthn standard and FIDO2 passkeys as the future of authentication.

FIDO2 Architecture

FIDO2 is the umbrella term for the W3C Web Authentication specification (WebAuthn) combined with the FIDO Alliance's Client-to-Authenticator Protocol 2 (CTAP2). Together they define a complete passwordless authentication system using public-key cryptography bound to the relying party origin.

Authenticator Types

FIDO2 supports two authenticator categories. Platform authenticators are built into the device: Touch ID and Face ID on Apple devices, Windows Hello on Windows. Roaming authenticators are external hardware tokens: YubiKey, Google Titan Key, Feitian keys. All use public-key cryptography and generate attestation statements.

All lessons in this course

  1. The Fundamental Password Authentication Problem
  2. SRP: Secure Remote Password Protocol
  3. PAKE Protocols and Their Properties
  4. Passwordless Auth: WebAuthn and FIDO2
← Back to Cryptology Academy