FIDO2 WebAuthn
FIDO2 WebAuthn is a framework for passwordless and phishing-resistant user authentication on the web. It is defined by the FIDO Alliance and the W3C. The FIDO2 family includes WebAuthn, a browser API for creating and using public-key credentials, and CTAP2, the protocol used by external authenticators to communicate with client devices. Together, they enable a relying party (a website) to register a user and later authenticate them without a password.
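In both registration and authentication, the browser hands the relying party a clientDataJSON blob that records the ceremony type, the server's challenge and the origin the browser actually saw; rejecting a mismatch is where the phishing resistance becomes concrete. The following Node.js code is an added example, not part of the original page or of any FIDO Alliance or W3C material; RP_ORIGIN, makeClientData, the other helper names and all sample values are assumptions constructed for illustration.

```javascript
// Added example. Origins, challenge bytes and helper names are constructed.
const b64urlEncode = (buf) =>
  Buffer.from(buf).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const b64urlDecode = (s) =>
  Buffer.from(s.replace(/-/g, "+").replace(/_/g, "/"), "base64");

// Byte comparison whose duration does not depend on the first mismatch.
function constantTimeEqual(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
  return diff === 0;
}

// ceremony is "webauthn.create" (registration) or "webauthn.get" (authentication).
// challenge is the byte string the server issued for this session.
function verifyClientData(clientDataJSON, { ceremony, challenge, origin }) {
  let data;
  try {
    data = JSON.parse(Buffer.from(clientDataJSON).toString("utf8"));
  } catch {
    return { ok: false, reason: "malformed clientDataJSON" };
  }
  if (data === null || typeof data !== "object")
    return { ok: false, reason: "malformed clientDataJSON" };
  if (data.type !== ceremony)
    return { ok: false, reason: "wrong ceremony type" };
  if (typeof data.challenge !== "string" ||
      !constantTimeEqual(b64urlDecode(data.challenge), challenge))
    return { ok: false, reason: "challenge mismatch" };
  if (data.origin !== origin)
    return { ok: false, reason: "origin mismatch" };
  return { ok: true, reason: null };
}

// Constructed stand-in for what a browser would serialize.
const makeClientData = (type, challenge, origin) =>
  Buffer.from(JSON.stringify({ type, challenge: b64urlEncode(challenge), origin }));

const RP_ORIGIN = "https://login.example.com";            // assumed RP origin
const issued = Buffer.from("constructed-challenge-0001"); // use random bytes in practice
const expected = { ceremony: "webauthn.create", challenge: issued, origin: RP_ORIGIN };

console.log(verifyClientData(makeClientData("webauthn.create", issued, RP_ORIGIN), expected));
console.log(verifyClientData(
  makeClientData("webauthn.create", issued, "https://login-example.test"), expected));
```

These checks cover only the client data; a relying party also verifies the authenticator's signature before accepting the credential or assertion.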
During registration, the user consents to create a new credential. The authenticator generates a new public-key/private-key
Authenticators can be platform-based (built into the operating system or device, such as Windows Hello, macOS,
Adoption considerations include recovery options, credential backups, and accessibility. Limitations include dependency on user devices and