Links- Codecrafters (sponsor): https://tej.as/codecrafters- Clerk: https://clerk.com- Auth0: https://auth0.com- Arctic (OAuth Library): https://arctic.js.org- Lucia (Session Library): https://lucia-auth.comWhy do we still use passwords in 2026? In this episode of ConTejas Code, we tear down the complex world of digital identity. From the horror story of getting hacked at a hookah bar to the mathematical elegance of public-key cryptography, we cover how the internet knows who you actually are.Let's break down the history of web authentication, explain why "logging in" is so much harder than it looks, and demystify the new standard taking over the web: Passkeys (WebAuthn). Whether you are a developer looking for an implementation playbook or just curious why your banking app requires a fingerprint, this deep dive explains the difference between Identity, Identifiers, and Credentials—and why you should stop rolling your own auth immediately.Chapters00:00:00 Welcome to ConTejas Code00:01:06 Sponsor: CodeCrafters00:01:42 Why Authentication Matters (High Stakes vs. Low Stakes)00:07:30 Storytime: Getting Hacked at a Shisha Bar00:19:48 The Vocabulary: Identity, Identifiers, and Credentials00:27:45 The Three Factors (Something You Know, Have, Are)00:34:28 Real World Analogies: House Keys, Speak-easies, and Hotel Cards00:41:10 A History of Web Auth: From Basic Auth to the "Social Login" Mess00:49:15 Authentication vs. Authorization vs. Accounting00:57:00 The Problem with Passwords & MFA Fatigue01:00:40 How Passkeys Work: Public Key Cryptography Explained01:07:00 Under the Hood: WebAuthn, FIDO2, and The "Ceremonies"01:13:40 Synced vs. Device-Bound Passkeys01:16:30 The Playbook: How to Design Auth for SaaS, Mobile, and B2B01:21:00 The Golden Rule: Don't Roll Your Own Crypto01:23:00 Libraries & Tools You Should Use (Clerk, Auth0, Arctic)01:28:40 The Minimum Viable Security Checklist01:32:30 The Future of Passwordless Identity Hosted on Acast. See acast.com/privacy for more information.

Ver todos los episodios