Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Webauthn Open-Source Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
OpenSK
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
-
SimpleWebAuthn
WebAuthn, Simplified. A collection of TypeScript-first libraries for simpler WebAuthn integration. Supports modern browsers, Node, Deno, and more.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
caddy-security
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
-
yubikey-manager
Python library and command line tool for configuring any YubiKey over all USB interfaces.
-
webauthn-ruby
WebAuthn ruby server library ― Make your Ruby/Rails web server become a conformant WebAuthn Relying Party
-
libfido2
Provides library functionality for FIDO2, including communication with a device over USB or NFC.
-
glewlwyd
Experimental Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins
-
java-webauthn-server
Server-side Web Authentication library for Java https://www.w3.org/TR/webauthn/#rp-operations
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.
Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...
I get what you are trying to do, but it feels a bit insecure. Why not use an OSS passwordless project like https://github.com/supertokens/supertokens-core/ or https://github.com/teamhanko/hanko
Project mention: OpenSK – open-source implementation for security keys written in Rust | news.ycombinator.com | 2023-08-25
Project mention: Passkey Implementation: Misconceptions, pitfalls and unknown unknowns | news.ycombinator.com | 2024-05-02All phones ask for PIN or pattern in addition to face/fingerprint. Use that.
For the average user this is safe enough. (i.e) keep google/apple password safe. Then all is fine.
> exporting and FAANG lock-in
You don't ever have to even sign into FAANG if you can put up with inconvenience.
- Buy a U2F FIDO key like OPEN SOURCE https://solokeys.com/ or Yubikey etc
Check this: https://github.com/kanidm/kanidm/ Maybe not production ready, but looks very promising
https://github.com/herrjemand/awesome-webauthn
Project mention: Passkey Implementation: Misconceptions, pitfalls and unknown unknowns | news.ycombinator.com | 2024-05-02I have a nodejs passkey implementation over at AuthC https://github.com/authcompanion/authcompanion2 a simple user management server. For javascript developers https://github.com/MasterKale/SimpleWebAuthn has been a good way to get started with a poc before venturing deeper into webauthn (passkeys) spec.
Project mention: Caddy-Security: Security App and Plugin for Caddy | news.ycombinator.com | 2024-03-17
Project mention: Passkey Implementation: Misconceptions, pitfalls and unknown unknowns | news.ycombinator.com | 2024-05-02These crop up every now and again but they never address my biggest concern, which how we (the users) can prevent abuse of https://w3c.github.io/webauthn/#attestation-object such that only those of us with approved devices are allowed to authenticate.
It's not hard to imagine Google and Apple and a few others finding ways to pressure authenticators into blocking access to users of devices that cannot prove that they're running firmware which bellyfeels ingsoc.
There are c# libs with examples you can look at
Project mention: How and why we built our expense tracker with CRDTs | news.ycombinator.com | 2024-04-03Hey, thanks! Let me know if you have any feedback
Our backend is in go, so the passkey support is from this impl https://github.com/go-webauthn/webauthn
Rodauth provides first class support for passkeys, implemented on top of the excellent webauthn-ruby gem. It enables using passkeys as a multifactor authentication method, or for passwordless login and registration. In addition to routes, views and database storage, it also provides the complete JavaScript part that interacts with Web Authentication API for zero configuration.
Project mention: NIST: Personal Identity Verification (PIV) of Federal Employees and Contractors | news.ycombinator.com | 2024-03-23PuTTY-CAC was an interesting, although imperfect solution to using PIV/CAC cards together with SSH. I remember piloting it from 2013-2014 at an agency. Back then, it was maintained by Dan Risacher[0]. Nowadays it is maintained on GitHub[1] and adopted some interesting features like FIDO.
[0] https://risacher.org/putty-cac/
[1] https://github.com/NoMoreFood/putty-cac
java-webauthn-server: A library from Yubico that supports many attestation format. But it is not 100% FIDO2 conformant.
Webauthn related posts
-
Passkey Implementation: Misconceptions, pitfalls and unknown unknowns
-
How and why we built our expense tracker with CRDTs
-
Passkeys – Under the Hood
-
KeePassXC Issue: [Passkeys] should never be exported in clear text
-
A Passwordless Future! Passkeys for Java Developers
-
WebAuthN in Remix - FaceID, YubiKey, and more!
-
Amazon Passkeys: Response to Consumer Demand with Poor Implementation
-
A note from our sponsor - InfluxDB
www.influxdata.com | 3 May 2024
Index
What are some of the best open-source Webauthn projects? This list will help you:
Project | Stars | |
---|---|---|
1 | authelia | 19,578 |
2 | hanko | 5,428 |
3 | OpenSK | 2,904 |
4 | solo1 | 2,260 |
5 | kanidm | 2,214 |
6 | awesome-webauthn | 1,338 |
7 | SimpleWebAuthn | 1,272 |
8 | caddy-security | 1,245 |
9 | webauthn | 1,093 |
10 | fido2-net-lib | 1,066 |
11 | yubikey-manager | 814 |
12 | py_webauthn | 797 |
13 | webauthn-json | 721 |
14 | webauthn | 623 |
15 | webauthn-ruby | 622 |
16 | libfido2 | 549 |
17 | cookbook | 458 |
18 | putty-cac | 448 |
19 | glewlwyd | 424 |
20 | a12n-server | 423 |
21 | java-webauthn-server | 423 |
22 | webauthn-rs | 418 |
23 | LDAP Account Manager (LAM) | 408 |
Sponsored