Four-Project Series

Single Sign-On and Passwordless Authentication you own this product

intermediate Linux command line • basic web application stack
skills learned
AWS Cloud infrastructure • user-account management • multi-factor authentication (MFA) • single sign-on • FIDO2 • WebAuthn
Andrey Ovcharov
4 weeks · 6-8 hours per week average · INTERMEDIATE

pro $24.99 per month

  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose one free eBook per month to keep
  • exclusive 50% discount on all purchases

lite $19.99 per month

  • access to all Manning books, including MEAPs!


5, 10 or 20 seats+ for your team - learn more

Play the role of an analyst for Sitting Duck Shipping, a fictional mid-sized company looking to modernize its authentication and authorization stack by moving away from easy-to-forget, easy-to-steal passwords. Your task is to build a proof-of-concept for the new stack, collect information, and put together a project proposal. In this series of liveProjects, you’ll set up the environment for the proof-of-concept, establish multi-factor authentication (MFA), establish single sign-on to reduce the number of required passwords, and implement secure, passwordless authentication. As a result of your efforts, Sitting Duck Shipping’s end users will enjoy increased security and an improved login experience.

These projects are designed for learning purposes and are not complete, production-ready applications or solutions.

here's what's included

Project 1 Cloud Infrastructure-as-a-Service

Play the role of an analyst at Sitting Duck Shipping, a fictional mid-sized company that wants to modernize its authentication and authorization stack. Its goal is to reduce support time spent on password resets and improve the end-user experience, ultimately reducing the risk of account takeovers while maintaining security and compliance. Your task is to set up the proof-of-concept environment for this project.

Project 2 Multi-Factor Authentication

Protect the Sitting Duck Shipping company from password theft—the most common type of security breach. In this liveProject, you’ll arm the company’s lab environment against these types of attacks by enabling multi-factor authentication (MFA) for IaaS, the server, and the web application. To provide your best recommendation to the company, you’ll evaluate various algorithms and factors that can be used to set up its MFA.

Project 3 Single Sign-On

Set up single sign-on (SSO) for the Sitting Duck Shipping company to simplify its password management—a process that typically requires a business employee to manage more than a hundred passwords for various web applications. You’ll configure SSO for AWS, Linux, and WordPress, establishing seamless secure logins. During this liveProject, you’ll identify and strengthen weak points in the infrastructure and keep potential attacks at bay with the appropriate countermeasures.

Project 4 Go Passwordless

Your task as an analyst for the Sitting Duck Shipping company is to enable FIDO2 (WebAuthn and CTAP). To do that, you’ll configure the learner’s hardware as the authenticator and configure WordPress to accept WebAuthn authentication. By implementing biometric authentication, you’ll bring a new level of security and satisfaction to the login experience for the company’s users.

book resources

When you start each of the projects in this series, you'll get full access to the following book for 90 days.

choose your plan


only $204.17 per month
  • five seats for your team
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Single Sign-On and Passwordless Authentication project for free

project author

Andrey Ovcharov
Andrey Ovcharov is a senior software engineer at IBM, and has more than twenty years of professional experience in various fields of modern application development, from PHP internals to frontend. Andrey’s keen interest in security, especially authentication, was the catalyst for his ambitious endeavor: to build an affordable wireless biometric authentication device implementing the FIDO2 protocol for passwordless authentication.


These liveProjects are for security professionals who want hands-on experience implementing passwordless authentication, and for software developers who want to better understand modern authentication. To begin these liveProjects you will need to be familiar with the following:

  • AWS Console basics
  • Intermediate Linux command line
  • Basic understanding of authentication (including multi-factor)
  • An iPhone or Android smartphone with biometric features or a USB security dongle with FIDO2 protocol
  • Web application stack basics (web servers, network protocols)

Notes: The AWS instance could cost some money if you have already used up your free tier.


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.