Symfony WebAuthn-Framework

Temps de lecture : < 1 minute

In my quest for passwordless authentication, my path crossed with the Webauthn Framework bundle.

At first glance, getting started with this solution is quite laborious. However, once the concept of WebAuthn is understood, things become clearer with each iteration.

I have nearly 20 hours of study/experimenting under my belt. The learning time has drastically reduced thanks to this french video.

A few adjustments were necessary due to the age of the video and the changes made to version 5.0 of the Framework.

The NodeJS module @simplewebauthn\browser turns out to be essential for handling the authentication challenge.

To be continued…

WordPress and Yubikey

Temps de lecture : < 1 minute

The security of WordPress administration is generally based on a login/password combination to access the interface.

However, we remain reliant on the most widespread combination of the past two decades.

A new player is emerging in this dominance: the access key, notably the YubiKey.

Always on the lookout for solutions to improve the security of my environments, I am currently testing the WP WebAuthn plugin as I write this post.

At first glance, this rather recent tool allows me to log in using my physical key. As expected, I might add.

Other plugins are available, such as PasswordLess Login.

However, the ultimate solution would be to create your own plugin, or even implement it on your own site (Next.js, Symfony)…

To be continued…