W3C and Yubico offer first online Web Authentication course for developers
https://www.w3.org/, and https://www.yubico.com — 14 October 2021 — Amid growing need around the world to modernize authentication and address phishing and credential theft, W3C and Yubico announced today the opening of registration for a W3Cx online education course that teaches developers how to build and incorporate modern authentication techniques into their web-based applications using W3C’s Web Authentication (WebAuthn).
W3C and Yubico collaborated to design the Massive Open Online Course (MOOC) titled “Introduction to Web Authentication” to equip learners with the knowledge to replace aging password-based credentials with a secure model that incorporates strong authentication. The course begins 30 November 2021 and is free to learners who can opt-into a paid course and earn a certificate of completion.
Yubico is happy to team up with W3C on this MOOC course. On our joint mission to make the internet safer for all, an important step is to educate developers on modern authentication standards and tools.
The three-week online course introduces developers to the principles of Web Authentication, from the development of the Application Programming Interface (API), to the terminology and the technical know-how. The heart of the course teaches students how to build and deploy their own Web Authentication server.
Course aimed at raising awareness, boosting adoption
One of the pillars of the Web Authentication API is its design to eliminate phishing by using public key-based credentials to protect log-ins and access to Web resources. Credentials represent the most common initial attack target, and compromised credentials represent 20% of breaches at an average cost of $4.37 million per breach, according to IBM’s 2021 Breach Report.
WebAuthn will change the way people access resources on the web. With multi-factor solutions that eliminate a weak link, Web services and businesses adopt WebAuthn to move beyond vulnerable passwords and improve the security of online experiences. I am looking forward to more web developers becoming experts thanks to this course and implementing the web-wide interoperability guidance of the standard.
The W3C’s Web Authentication Working Group advanced to W3C Recommendation in 2019 the specification “Web Authentication: An API for Accessing Public Key Credentials Level 1”. The group completed a second Recommendation version in 2021, and is currently working on a third update. A W3C Recommendation is an official web standard.
The “Introduction to Web Authentication” course is the seventh online course available on W3Cx, W3C’s online learning platform on edX. Since the initial HTML5 online course launched in 2015, over 1.3M students from around the world have enrolled in a W3Cx course.
About the World Wide Web Consortium
The mission of the World Wide Web Consortium (W3C) is to lead the Web to its full potential by creating technical standards and guidelines to ensure that the Web remains open, accessible, and interoperable for everyone around the globe. W3C well-known standards HTML and CSS are the foundational technologies upon which websites are built. W3C works on ensuring that all foundational Web technologies meet the needs of civil society, in areas such as accessibility, internationalization, security, and privacy. W3C also provides the standards that undergird the infrastructure for modern businesses leveraging the Web, in areas such as entertainment, communications, digital publishing, and financial services. That work is created in the open, provided for free and under the groundbreaking W3C Patent Policy.
W3C's vision for "One Web" brings together thousands of dedicated technologists representing more than 400 Member organizations and dozens of industry sectors. W3C is jointly hosted by the MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) in the United States, the European Research Consortium for Informatics and Mathematics (ERCIM) headquartered in France, Keio University in Japan and Beihang University in China. For more information see https://www.w3.org/.
About Yubico
Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts. The company’s core invention, the YubiKey, delivers strong hardware protection, with a simple touch, across any number of IT systems and online services. The YubiHSM, Yubico’s ultra-portable hardware security module, protects sensitive data stored in servers. Yubico is a leading contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor open authentication standards, and the company’s technology is deployed and loved by 9 of the top 10 internet brands and by millions of users in 160 countries. Founded in 2007, Yubico is privately held, with offices in Sweden, UK, Germany, USA, Australia, and Singapore. For more information: www.yubico.com.
End Press Release
W3C Media Contact
Amy van der Hiel, W3C Media Relations Coordinator <w3t-pr@w3.org>
+1.617.253.5628 (US, Eastern Time)
Yubico Media Contact
Karin Muskopf, Sr. Director, Global Communications <karin.muskopf@yubico.com>
