MKMaria Kinyantainemkaylabs.hashnode.dev·4d ago · 5 min readFIDO2 and WebAuthn: How Hardware Turns Authentication Into a Cryptographic ProofFor decades, authentication on the web has revolved around a shared secret — a password both sides agree to keep. FIDO2 changes the premise entirely. Instead of something you remember, it relies on so50
MKMaria Kinyantainemkaylabs.hashnode.dev·Jul 5 · 4 min readThe Myth of Client-Side Security: Why Modern Applications Should Trust Cryptography, Not JavaScriptIn cybersecurity, there's a principle that every engineer eventually learns—often the hard way: Never trust the client. Any JavaScript running in a user's browser executes inside an environment fully 70
MKMaria Kinyantainemkaylabs.hashnode.dev·Jun 23 · 4 min readBeyond CAPTCHAs: Exploring Hardware Attestation for High-Demand Ticket SalesManaging high-demand ticket sales is a tough job. When a popular event goes live, thousands of people connect at exactly the same moment. In recent years, the nature of this traffic has changed. Autom60