Blogposts tagged with 'Security'

04 Jul 2026

Building passkeys in Ruby on Rails

A from-scratch passkey build in Ruby on Rails: no Devise, just the webauthn-ruby gem for server-side crypto and the browser's native API. Passwordless, usernameless sign-in, the parts a demo skips, and a gem that packages the two ceremonies.

Read More »

28 Jun 2026

Passkeys from first principles

A passkey moves the secret off your server: the site keeps only a public key, the private key never leaves the user's device, and phishing stops being possible. Here is where passkeys sit in the authentication landscape, and the two ceremonies at the heart of WebAuthn.

Read More »