ASP.NET Core 6.0 - Users Without Passwords Project

All Projects Screenshots Articles Manage/Assets

From the beginning of online accounts, we had passwords. Then we got “I forgot my password”. Password recovery processes were developed to reduce support fatigue. The most popular recovery mechanism is a link with a password reset token sent to the user by email. Then we got “I didn’t get the email”. To help mitigate email delivery issues, the online account registration process required a confirmed email address before access is granted. This discourages users from registering because they fear their email address will be sold, stolen, shared, or abused by email spammers. If passwords are removed, the email address can become optional.

The Users Without Passwords Project (UWPP) implements WebAuthn, also known as FIDO2, instead of passwords. Windows Hello implements authentication with an IR webcam for facial recognition, a fingerprint scanner, or just by setting up and using a PIN. See Learn about Windows Hello and set it up. Version 2.x of the project implements the ASP.NET Core 6.0 - Homegrown Analytics Project and multiple email addresses per user.

I developed KH Authenticator, an application which registers and authenticates a user without a password or email address. The authentication process qualifies as multifactor. The application is installed on something you have. To access the online account, you must provide a PIN (something you know) or a recognized fingerprint scan (something you are). The KH Authenticator application is developed with Visual Studio 2022 and .NET MAUI and is available for Windows and Android. See KH Authenticator Server. Version 2.x of the project implements the KH Authenticator API.

The latest version of the UWPP is published at UsersWithoutPasswords. Com. I encourage you to download the KH Authenticator App. Use the app to register a user without a password or email address. Then authenticate a login with the app. The project supports multiple KH Authenticator apps and multiple FIDO2 authenticators. Users can self-manage authenticators in Manage Account. Admins can list users, authenticators, and histories.

V2.0.22 - MIT License - $25 Access Fee - UsersWithoutPasswordsProject@2.0.22.zip - 9,607,874 bytes

Comments(0)

Not accepting new comments.

Your comment has been submitted.

You will be emailed when approved.

Submit your comment. Comments are moderated.

User Image.
DisplayedName - Member Since ?

Change Log

v2.0.22 - 2024-03-20
-- Updated MS NuGet Packages@6.0.28
-- Updated MailKit NuGet Package@4.4.0
-- Updated Hangfire Packages@1.8.11
-- Updated Bootstrap@5.3.3
-- Updated Bootstrap-Icons@1.11.3
-- Updated KH Authenticator Banner
v2.0.21 - 2024-02-08
-- Added www rewrite url rule
-- Updated Vulnerable Transitive NuGet Packages
-- Updated MS NuGet Packages@6.0.27
-- Updated MailKit NuGet Package@4.3.0
-- Updated Hangfire NuGet Packages@1.8.10
-- Updated PeterO.Cbor NuGet Package@4.5.3
-- Updated MaxMind.Db@4.1.0
-- Updated Bootstrap@5.3.2
-- Updated Bootstrap-Icons@1.11.2
-- Updated KHAuthenticator Support
-- Streamlined Login Process
v2.0.20 - 2023-10-12
-- Updated MS NuGet Packages@6.0.23
-- Updated Admin AppUsers Index
v2.0.19 - 2023-09-13
-- Implemented IdentityErrorDescriber
-- Implemented Contact page
-- Updated MS NuGet Packages@6.0.22
-- Updated MailKit NuGet Package@4.2.0
-- Updated validation-native.js@1.1.1
-- Updated Registration process
-- Updated Terms of Service
-- Added KHAuthenticators Toggle
-- Added Malta Country Name
v2.0.18 - 2023-08-18
-- Updated Hangfire Packages@1.8.5
-- Updated IP to Country Lite database
-- Implemented Project Packaging
v2.0.17 - 2023-08-09
-- Updated MS NuGet Packages@6.0.21
-- Updated Bootstrap@5.3.1
-- Updated BootstrapIcons@1.10.5
v2.0.16 - 2023-07-27
-- Updated Hangfire Packages@1.8.4
-- Updated MS NuGet Packages@6.0.20
v2.0.15 - 2023-07-10
-- Updated Hangfire Packages@1.8.3
-- Updated MailKit NuGet Package@4.1.0
-- Updated MS NuGet Packages@6.0.19
v2.0.14 - 2023-06-14
-- Updated MS NuGet Packages@6.0.18
-- Updated AppVersion audit
v2.0.13 - 2023-06-05
-- Code cleanup
v2.0.12 - 2023-05-26
-- Updated Hangfire Packages@1.8.2
-- Updated KHAuthenticator Schema
v2.0.11 - 2023-05-02
-- Updated Hangfire Packages@1.8.0
-- Updated MailKit NuGet Package@4.0.0
-- Updated LoginWithKHAuthenticator
v2.0.10 - 2023-04-19
-- Implemented Admin Email Confirmation
v2.0.9 - 2023-04-16
-- Updated Audit Log Types
v2.0.8 - 2023-04-12
-- Updated MS NuGet Packages@6.0.16
-- Updated Hangfire Packages@1.8.0-rc3
-- Updated Provider Version Validation
v2.0.7 - 2023-04-06
-- Privacy Policy Update
v2.0.6 - 2023-04-05
-- Code Cleanup
v2.0.5 - 2023-04-02
-- Implemented Login Authenticate
v2.0.4 - 2023-03-30
-- Implemented Provider Service SecurityHash
v2.0.3 - 2023-03-29
-- Implemented Developer Sandbox
v2.0.2 - 2023-03-14
-- Updated MS NuGet Packages@6.0.15
v2.0.1 - 2023-03-12
-- Updated MailKit NuGet Package@3.6.0
-- Updated Unconfirmed EmailAddress
v2.0.0 - 2023-03-10
-- Integrated HomeGrownAnalytics
-- Integrated KHAuthenticators
-- Implemented API and SignalR
-- Implemented JWT Authentication
-- Implemented AppUser Email Addresses
-- Converted SecurityStamps ToBase64String
-- Verified MS SQL Server 2022 Support