#progressive-web-apps

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

How Browser UX Shapes Security More Than Cryptography

Cryptography is precise. Browsers are not. If you’ve implemented WebAuthn in a real PWA, you already know this:The spec is clean. The user experience is not. The uncomfortable truth is this: Most authentication systems fail because of UX, not becaus...

Feb 196 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

Passwordless: What Worked, What Didn’t, What I’d Change

When designing a passwordless-first PWA architecture, the diagram looks elegant. In production, elegance collides with: Browser inconsistencies Institutional identity constraints Support tickets Device lifecycle chaos Monitoring blind spots Le...

Feb 195 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

Why Passwordless Alone Is Not an Identity Strategy

When teams adopt WebAuthn or FIDO2, the excitement is understandable: No passwords. No phishing. No credential stuffing. Biometric UX. Public-key cryptography. It feels like the final answer. But WebAuthn answers exactly one question: Can thi...

Feb 195 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

Integrating OIDC (Feide) as Fallback and Recovery

WebAuthn gave us phishing-resistant, device-bound authentication.But devices get lost. Browsers reset. Users switch laptops. Institutions manage identities centrally. That’s where OIDC (Feide) enters — not as a competitor to passwordless, but as stru...

Feb 186 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

Implementing WebAuthn in Practice

WebAuthn looks deceptively simple at a high level: Generate challenge Call browser API Verify signature Done In practice, it is not that simple. WebAuthn is cryptographically elegant but operationally unforgiving.Small mistakes create subtle se...

Feb 177 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

Passwordless PWA Flow Architecture Walkthrough

Modern authentication diagrams are clean. Real systems are not. My architecture intentionally combines: WebAuthn (FIDO2) for phishing-resistant authentication Feide (OIDC) for federated identity, recovery, and bootstrap SQL Server for credential p...

Feb 166 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

UX and Failure Are Part of the Security Model

Security engineers love cryptography because it is clean. Humans are not. The strongest authentication protocol in the world can be undone by: a confusing error message, an unclear retry flow, a missing recovery path, or a user who simply wants t...

Feb 156 min read

NVNguyễn Việt Tùngdevpath-traveler.nguyenviettung.id.vn

Designing a Passwordless-First PWA Architecture

By this point in the series, we’ve established three things: Passwords are structurally fragile. WebAuthn provides phishing-resistant, device-bound authentication. OpenID Connect provides portable, federated identity. Now comes the harder questi...

Feb 146 min read

TITech Insights Hubtopperblog.hashnode.dev