Passwordless login on the web with passkeys

Passkeys are more secure than passwords because of which of the following factors?

They're resistant to phishing.

They offer two-factor authentication in a single step.

Only the public key is stored on the web app’s server, so they minimize the impact of server breaches.

All of the above.

Each passkey can only be used for the service on which it's created.

True

False

A user's biometric data never leaves the device and is never stored on a central server where it could be stolen in a breach.

True

False

To authenticate with passkeys on a device, users can use which of the following authentication methods?

Fingerprint sensor

Facial recognition

Device pin or pattern

All of the above

Users can select an account to sign in with passkeys. Typing the username isn't required.

True

False

To support passkeys in your web app, you need to use which of the following APIs?

Biometrics API

Web Authentication API (WebAuthn)

2FA API

To create a passkey in your web app, you need to call which of the following methods?

navigator.credentials.create()

navigator.credentials.get()

Before you create a passkey, you need to request some parameters from the server. The `rp.id` parameter refers to which of the following pieces of data?

A user-friendly name for the account

The domain of the relying party

The user's unique ID

To display saved passkeys when a user clicks or taps on the username field, you need to add the following attribute to the HTML `<input>` form field:

autocomplete="username webauthn"

type=”passkey”

name=”passkey”

The `mediation: 'conditional'` parameter lets users rely on browser autofill to sign in. What happens when you call the `navigator.credentials.get()` method with the `mediation: 'conditional'` parameter?

The call will be pending, and the promise won't resolve until the user interacts with the autofill input element and completes the authentication with screen lock.

The call fetches a challenge from the server and performs user authentication automatically.

Passkeys are more secure than passwords because of which of the following factors?

Each passkey can only be used for the service on which it's created.

A user's biometric data never leaves the device and is never stored on a central server where it could be stolen in a breach.

To authenticate with passkeys on a device, users can use which of the following authentication methods?

Users can select an account to sign in with passkeys. Typing the username isn't required.

To support passkeys in your web app, you need to use which of the following APIs?

To create a passkey in your web app, you need to call which of the following methods?

Before you create a passkey, you need to request some parameters from the server. The rp.id parameter refers to which of the following pieces of data?

To display saved passkeys when a user clicks or taps on the username field, you need to add the following attribute to the HTML <input> form field:

The mediation: 'conditional' parameter lets users rely on browser autofill to sign in. What happens when you call the navigator.credentials.get() method with the mediation: 'conditional' parameter?

Before you create a passkey, you need to request some parameters from the server. The `rp.id` parameter refers to which of the following pieces of data?

To display saved passkeys when a user clicks or taps on the username field, you need to add the following attribute to the HTML `<input>` form field:

The `mediation: 'conditional'` parameter lets users rely on browser autofill to sign in. What happens when you call the `navigator.credentials.get()` method with the `mediation: 'conditional'` parameter?