Passkeys topic
Passkeys are a form of passwordless user authentication for websites and apps, that is designed to provide a high level of security by leveraging public key infrastructure. Unlike passwords, no shared secret is exchanged between the user and a service. Instead, the public key is sent to the server, while the private key is stored in the user’s device.
To verify the user’s identity, users can use biometric data, such as a fingerprints or facial recognition, instead of relying on a user-generated password. This makes it much more difficult for attackers to gain unauthorized access to an account, as passkeys are two-factor-authentication (2FA) by default. Concisely, they avoid a range of password-based attacks, including phishing, by providing an additional layer of security.
WebAuthn
A simple PHP WebAuthn (FIDO2/Passkey) server library
Vapor-PasskeyDemo
A demo for implementing PassKeys with Vapor
django-passkeys
Django Authentication Backend For Passkeys
keypass
PassKeeZ is a FIDO2/ Passkey compatible authenticator implementation for Linux
tlsproxy
A TLS proxy, Reverse proxy, and Web server that uses Let's Encrypt automatically.
esp32_u2f
Create a FIDO2/U2F token using ESP32
passkeys
FIDO2-certified passkey server and SDKs for adding passkey support to any auth system
webauthntest
WebAuthn Test Site
corbado-nodejs
Add passkeys to your Node.js application with the Corbado Node.js SDK.
passkeys
Passkeys demo using Cloudflare Workers, KV, and D1