Feb 19 · 6 min read · Cryptography is precise. Browsers are not. If you’ve implemented WebAuthn in a real PWA, you already know this: the spec is clean. The user experience is not. The uncomfortable truth is this: most authentication systems fail because of UX, not becaus...
Feb 19 · 5 min read · When designing a passwordless-first PWA architecture, the diagram looks elegant. In production, elegance collides with: browser inconsistencies, institutional identity constraints, support tickets, device lifecycle chaos, monitoring blind spots. Le...
Feb 19 · 5 min read · When teams adopt WebAuthn or FIDO2, the excitement is understandable: No passwords. No phishing. No credential stuffing. Biometric UX. Public-key cryptography. It feels like the final answer. But WebAuthn answers exactly one question: Can thi...
Feb 18 · 6 min read · WebAuthn gave us phishing-resistant, device-bound authentication. But devices get lost. Browsers reset. Users switch laptops. Institutions manage identities centrally. That’s where OIDC (Feide) enters: not as a competitor to passwordless, but as stru...
Feb 17 · 7 min read · WebAuthn looks deceptively simple at a high level: generate challenge, call browser API, verify signature, done. In practice, it is not that simple. WebAuthn is cryptographically elegant but operationally unforgiving. Small mistakes create subtle se...
Feb 16 · 6 min read · Modern authentication diagrams are clean. Real systems are not. My architecture intentionally combines: WebAuthn (FIDO2) for phishing-resistant authentication; Feide (OIDC) for federated identity, recovery, and bootstrap; SQL Server for credential p...
Feb 15 · 6 min read · Security engineers love cryptography because it is clean. Humans are not. The strongest authentication protocol in the world can be undone by: a confusing error message, an unclear retry flow, a missing recovery path, or a user who simply wants t...
Feb 14 · 6 min read · By this point in the series, we’ve established three things: Passwords are structurally fragile. WebAuthn provides phishing-resistant, device-bound authentication. OpenID Connect provides portable, federated identity. Now comes the harder questi...
Feb 13 · 6 min read · Progressive Web Apps Development Guide with Service Workers: offline-first architecture and background sync strategies. Progressive Web Apps (PWAs) have evolved from a promising concept into a production-ready standard that bridges the gap between web ...