Introduction to Web Authentication from edX

This course introduces developers to the W3C’s Web Authentication (WebAuthn) API, which provides the tools to replace usernames and passwords in favor of hardware-backed, cryptographically secure authentication.

Learners will explore basic concepts such as registration and authentication, and how WebAuthn thwarts modern attacks such as phishing to ensure security and privacy.

After becoming familiar with WebAuthn buiding blocks, such as authenticators, clients, and replying parties, learners will move on to standing up a WebAuthn server and learning the different flows supported by WebAuthn.

Finally, students will review guidance and recommendations for operating a WebAuthn environment, capping off the course with an interactive project giving developers a solid foundation to secure assets and contemplate a passwordless future.

What you'll learn

What is Web Authentication (a.k.a WebAuthn)
Key WebAuthn concepts
How to create and use Web Authentication credentials
Construction of a server infrastructure
Understand and deploy server side requirements

What's inside

Learning objectives

What is web authentication (a.k.a webauthn)
Key webauthn concepts
How to create and use web authentication credentials

Construction of a server infrastructure
Understand and deploy server side requirements

What is web authentication (a.k.a webauthn)
Key webauthn concepts
How to create and use web authentication credentials
Construction of a server infrastructure
Understand and deploy server side requirements

Syllabus

Module 1: Introduction to Web Authentication

After completing this module, students will have an understanding of why developing WebAuthn solves issues plaguing current authentication options. Students get a high-level view on how WebAuthn works on the web, along with a look at the code required to support a WebAuthn server.

Module 2: Deploying a WebAuthn server

This module is about deploying a sample WebAuthn Web implementation. It includes hands-on experience with WebAuthn, both in deploying a bare-bones WebAuthn server, as well as integrating WebAuthn into a larger context. Students will replace a username and password log-in using a sample WebAuthn architecture. By the end of this module, students will have the experience necessary to utilize WebAuthn in new deployments as well as retro-fitting existing services

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Provides a comprehensive introduction to W3C's Web Authentication (WebAuthn) API, empowering developers with knowledge and skills to replace traditional authentication methods and enhance security

Facilitates the understanding of fundamental concepts, such as registration and authentication, ensuring learners grasp the core principles of WebAuthn

Builds a solid understanding of WebAuthn building blocks, including authenticators, clients, and replying parties, providing a holistic view of the authentication process

Practices the deployment of a WebAuthn server and explores different flows supported by the API, offering hands-on experience in implementing secure authentication mechanisms

Covers essential guidance and recommendations for operating a WebAuthn environment, equipping learners with practical knowledge to ensure effective and secure implementation

Provides an interactive project that reinforces key concepts and promotes practical application, giving developers a strong foundation to secure assets in a passwordless future

Career center

Learners who complete Introduction to Web Authentication will develop knowledge and skills that may be useful to these careers:

Web Developer

A Web Developer designs, develops, and maintains websites and web applications. This course is directly relevant and may be useful in understanding and implementing the latest web authentication standards and security measures, which are essential for building secure and user-friendly web applications.

See salaries and explore the career path for Web Developer

IT Security Architect

An IT Security Architect designs, implements, and maintains an organization's IT security infrastructure. This course can be useful in understanding the principles of web authentication and the latest security protocols, which are essential for designing and implementing a secure IT architecture.

See salaries and explore the career path for IT Security Architect

Information Systems Security Manager

An Information Systems Security Manager is responsible for developing and managing an organization's information security program. This course can be useful in building a foundation in web authentication protocols and security measures, which are essential for managing and maintaining a secure IT infrastructure.

See salaries and explore the career path for Information Systems Security Manager

Software Engineer

A Software Engineer designs, develops, and maintains software applications. This course can be useful in building a foundation in web authentication and security best practices, which are essential for developing secure and reliable software applications.

See salaries and explore the career path for Software Engineer

Security Consultant

A Security Consultant provides expert advice and guidance to organizations on security matters. This course can be useful in gaining knowledge of web authentication standards and best practices, which are essential for providing security consulting services.

See salaries and explore the career path for Security Consultant

Cloud Security Engineer

A Cloud Security Engineer is a professional who ensures the security of data and applications in the cloud. Understanding web authentication standards like WebAuthn is essential for securing cloud-based applications and services, making this course valuable for those pursuing a career in cloud security.

See salaries and explore the career path for Cloud Security Engineer

Network Security Engineer

A Network Security Engineer is responsible for securing an organization's network infrastructure. This course can be helpful in developing an understanding of authentication protocols and network security measures, which are essential for protecting network resources from unauthorized access.

See salaries and explore the career path for Network Security Engineer

IT Auditor

An IT Auditor assesses an organization's IT systems and processes to ensure they comply with security standards and regulations. This course can be helpful in gaining knowledge of web authentication standards and security best practices, which are essential for conducting IT audits and ensuring compliance.

See salaries and explore the career path for IT Auditor

Security Operations Analyst

A Security Operations Analyst monitors and responds to security events and incidents. This course may be helpful in developing an understanding of web authentication protocols and security measures, which are essential for detecting and responding to security threats.

See salaries and explore the career path for Security Operations Analyst

Blockchain Developer

A Blockchain Developer is a software engineer who designs, develops, and implements blockchain applications. Web Authentication plays a crucial role in securing access to blockchain applications and managing digital identities on the blockchain, making this course relevant for those looking to enter this field.

See salaries and explore the career path for Blockchain Developer

Privacy Engineer

A Privacy Engineer designs and implements systems and processes to protect user data and ensure compliance with privacy regulations. This course may be helpful in understanding the privacy implications of web authentication and the latest privacy-enhancing technologies.

See salaries and explore the career path for Privacy Engineer

Information Security Analyst

An Information Security Analyst is a professional who plans and implements security measures to protect an organization's information systems and data. This course may be useful in understanding the principles of authentication and authorization, as well as the latest web security standards and best practices.

See salaries and explore the career path for Information Security Analyst

Application Security Engineer

An Application Security Engineer is a computer professional who designs and implements security measures for computer applications, ensuring that applications and IT systems are protected against vulnerabilities. This course may be useful in understanding the fundamentals of web security, including authentication and authorization, as building secure applications requires an understanding of these concepts.

See salaries and explore the career path for Application Security Engineer

Cybersecurity Analyst

A Cybersecurity Analyst is a security professional who identifies, analyzes, and responds to cybersecurity risks and threats. This course may be helpful in developing a foundation in authentication protocols and security measures, which are essential for understanding and preventing cyberattacks.

See salaries and explore the career path for Cybersecurity Analyst

Data Scientist

A Data Scientist analyzes and interprets data to extract meaningful insights and drive decision-making. Though the course does not directly relate to data analysis, understanding data security and privacy, including authentication and authorization, is becoming increasingly important for data professionals.

See salaries and explore the career path for Data Scientist

Reading list

We haven't picked any books for this reading list yet.

Introduction to Web Authentication