 Have you heard of WebAuthn but not sure exactly what it does? WebAuthn is a browser-based API to allow servers to register and authenticate users using public key cryptography instead of a password. With WebAuthn, servers can now integrate with platform authenticators that are built into devices like Apple Touch ID and Windows Hello or roaming authenticators like UB Keys. When registering on a website with one of these devices, a public-private key pair is created and the private key is stored on the authenticator device. A public key and a randomly generated credential ID is sent to the server for storage. The server can then use that public key to prove the user's identity. If you want to learn more about WebAuthn, check out the video linked in the comments and this has been Identity in a Minute.