ASP.NET Core 8.0 - Users With Device 2FA Project

The Users With Device 2FA Project (UWD2FAP) is the source code for UsersWithPasswords. Com. The UWD2FAP is developed with Visual Studio 2022 and the MS Long Term Support (LTS) version .NET 8.0 framework. All Errors, Warnings, and Messages from Code Analysis have been mitigated. The UWD2FAP is a combination of the Users Without Identity Project and the Users Without Passwords Project. The project implements WebAuthn, also known as FIDO2, instead of authenticator apps for two-factor authentication (2FA). After a user registers, they can enable 2FA with Windows Hello, Apple Face ID and Touch ID, Android Lock Screen, or a FIDO2 security key.

The UWD2FA was initially developed back in 2021 with framework .NET 6.0. I enabled the nullable context and mitigated all warnings and issues. See Nullable reference types. Version 2.x of the project integrates the ASP.NET Core 6.0 - Homegrown Analytics Project and implements multiple email addresses per user. The World Wide Web Consortium (W3C) is working on the next API specification for accessing Public Key Credentials. The W3C Working Draft, dated 27 January 2025 is published at Web Authentication: An API for accessing Public Key Credentials Level 3. The latest Editors Draft is published at Editor’s Draft, 13 August 2025. The UWD2FA V4 supports these new requirements. The Attestation (registration) and Assertion (authentication) processes have been updated and commented to meet the new specification. New properties are added to the Passkey (credential) and the PasskeyChallenge (audit) records. I updated the Passkey and PasskeyChallenge UI. I added Ed25519 algorithm support. The latest version of the UWD2FA is published at UsersWithPasswords .Com.