Look inside
Your task as an analyst for the Sitting Duck Shipping company is to enable FIDO2 (WebAuthn and CTAP). To do that, you’ll configure the learner’s hardware as the authenticator and configure WordPress to accept WebAuthn authentication. By implementing biometric authentication, you’ll bring a new level of security and satisfaction to the login experience for the company’s users.
This project is designed for learning purposes and is not a complete, production-ready application or solution.
book resources
When you start your liveProject, you get full access to the following books for 90 days.
project author
Andrey Ovcharov
Andrey Ovcharov is a senior software engineer at IBM, and has more than twenty years of professional experience in various fields of modern application development, from PHP internals to frontend. Andrey’s keen interest in security, especially authentication, was the catalyst for his ambitious endeavor: to build an affordable wireless biometric authentication device implementing the FIDO2 protocol for passwordless authentication.
prerequisites
These liveProjects are for security professionals who want hands-on experience implementing passwordless authentication, and for software developers who want to better understand modern authentication. To begin these liveProjects you will need to be familiar with the following:
TOOLS
- AWS Console basics
- Intermediate Linux command line
- Basic understanding of authentication (including multi-factor)
- An iPhone or Android smartphone with biometric features or a USB Security dongle with FIDO2 protocol
TECHNIQUES
- Web application stack basics (web servers, network protocols)
Note: The AWS instance could cost some money if you have already used up your free tier.
you will learn
In this liveProject, you’ll learn biometrics-based passwordless authentication methods and gain an understanding of the difference in UX between passwordless and traditional authentication methods from the user perspective as well as the adversary perspective. These skills will enable you to uplevel an organization’s security and UX:
- Set up the passwordless authentication to a company’s portal
- The pros and cons of passwordless authentication
- Possible security threats
features
- Self-paced
- You choose the schedule and decide how much time to invest as you build your project.
- Project roadmap
- Each project is divided into several achievable steps.
- Get Help
- While within the liveProject platform, get help from other participants and our expert mentors.
- Compare with others
- For each step, compare your deliverable to the solutions by the author and other participants.
- book resources
- Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.