Suby Raman

Composer - programmer - generative artist. Working for Duo Security. Questing to make Great Art with data generated from his cat.

The Web Authentication API - Imagine a World Without Passwords

Passwords are a problem. We reuse them. We forget them. Worst of all, they’re easy to steal.

The Web Authentication API is now available, providing a Javascript API to integrate with strong authenticators like biometric readers, making a password-free future more possible. Let’s learn how!

In this talk Suby will discuss the history and weaknesses of passwords. He'll give an overview of the Web Authentication spec and the problems it attempts to solve. He'll give code samples describing the basic implementation on the server and client. He’ll describe the user-experience and engineering challenges faced by my team in integrating the Web Authentication API into our product. He will conclude with thoughts on the prospects of Web Authentication, and why he feels it could have a significant impact on the way we web developers think about security.

About Suby

Suby Raman is a full-stack software engineer and multimedia artist, working for Duo Security out of Ann Arbor, Michigan. In his work at Duo, he has helped drive development of passwordless authentication in Duo's authentication service, phishing assessment tools, and more. Outside of work, he busies himself with classical composition and developing live, generative visuals with technologies like WebGL. He hopes to one day create great art with data generated from his cat.