Difference between revisions of "WebAuthn"

From Embedded Lab Vienna for IoT & Security
Jump to navigation Jump to search
Line 1: Line 1:
== Summary ==  
== Summary ==  


 
WebAuthn is an Application created by the FIDO (Fast Identity Online) alliance and the W3C (World Wide Web Consortium) to offer the possibility of passwordless authentication online. The latest recommendation is of March 2019 published by the W3C. Instead WebAuthn work either with the inbuild Authenticator of the device, such as fingerprint sensor or facial recognition, or with an extern media like an USB Stick for verification.


== Goal ==
== Goal ==
Its purpose is to offer a more secure and easy possibility to log into your online accounts without storing or remembering huge amounts of passwords to prevent the possibility of passwords getting leaked or forgotten.


== Used Software ==
== Authenticators ==


The authenticator is necessary to create a public key credential and to register with a Relying Party.
There are two types of Authenticators:


Platform Authenticator:


== Authenticators ==
The platform Authenticator is implemented on a device thus using a client device-specific transport called platform attachment. This authenticator is usually not removable from the device and the credential created with it is called platform credential.


== Titel ==
Roaming Authenticator:


A roaming Authenticator is attached using cross-platform transport and is thus called a cross-platform attachment. They are removable from the device, such as an USB key fob, and the generated credential is called roaming credential


== References ==
== References ==


* https://www.openhab.org/
* https://webauthn.guide/#about-webauthn
* https://www.wireshark.org/
* https://www.w3.org/TR/webauthn/#intro


[[Category:Documentation]]
[[Category:Documentation]]

Revision as of 15:17, 30 January 2020

Summary

WebAuthn is an Application created by the FIDO (Fast Identity Online) alliance and the W3C (World Wide Web Consortium) to offer the possibility of passwordless authentication online. The latest recommendation is of March 2019 published by the W3C. Instead WebAuthn work either with the inbuild Authenticator of the device, such as fingerprint sensor or facial recognition, or with an extern media like an USB Stick for verification.

Goal

Its purpose is to offer a more secure and easy possibility to log into your online accounts without storing or remembering huge amounts of passwords to prevent the possibility of passwords getting leaked or forgotten.

Authenticators

The authenticator is necessary to create a public key credential and to register with a Relying Party. There are two types of Authenticators:

Platform Authenticator:

The platform Authenticator is implemented on a device thus using a client device-specific transport called platform attachment. This authenticator is usually not removable from the device and the credential created with it is called platform credential.

Roaming Authenticator:

A roaming Authenticator is attached using cross-platform transport and is thus called a cross-platform attachment. They are removable from the device, such as an USB key fob, and the generated credential is called roaming credential

References