The WebAuthn standard, now at Candidate Review stage at W3C, allows for great ease of accessing hardware security tokens, for example Yubikeys, from browsers. It also specifies everything that’s needed in order to implement authentication workflows using these tokens.
This presentation will cover a brief history of multi-factor authentication and the issues it’s had in adoption, then go into an overview of the WebAuthn spec and how it works and finally demonstrate how to integrate it into Django- and Flask-based web apps.