Overview#Web Authentication should use WebAuthN.
Historic Web Authentication #Web Authentication is about Authentication over:
Web Authentication may be implemented using WEB Access Management technologies.
Web Authentication is often performed using LDAP Authentication.
Do Not Do Web Authentication#Well, do not do it yourself. Use OpenID Connect or User-Managed Access. Best Practices Password
MUST-READ LINKS About Web Authentication#
- OWASP Guide To Authentication
- OWASP Authentication Cheat Sheet
- Dos and Don’ts of Client Authentication on the Web (very readable MIT research paper)
- Wikipedia: HTTP cookie
- Personal knowledge questions for fallback authentication: Security questions in the era of Facebook (very readable Berkeley research paper)
More Information#There might be more information for this subject on one of the following:
- Authentication cookie
- Best Practices Password
- WebAuthn Attestation Statement Format Identifier
- WebAuthn Extension Identifiers
- [#1] - The definitive guide to form-based website authentication - based on information obtained 2016-08-10