Software Alternatives & Reviews

Multi-Factor Authentication for Rails with WebAuthn and Devise

Recommended and mentioned products

  1. A utility-first CSS framework for rapidly building custom user interfaces.

    For some styling and icons, I used Tailwind CSS 2 and Font Awesome 5 in a free version.
  2. Google Authenticator is a multifactor app for mobile devices.

    The most common MFA methods utilize OTPs via SMS (which are not as secure as they seem to be) or an authenticator application, such as the Google Authenticator app, or a modern password manager (such as Bitwarden or 1Password).
  3. Ruby on Rails is an open source full-stack web application framework for the Ruby programming...

    There are several ways to add multi-factor authentication (MFA) for safer user authentication. Let’s look at how to add a modern MFA approach to a Rails application with WebAuthn.
  4. Check if your account has been compromised in a data breach

    With WebAuthn, you can allow (or enforce) the use of more factors for authentication than the password or an OTP. Users who do not utilize a password manager could use their favorite password, even if it has been leaked (see haveibeenpwned.com), because adding another factor with WebAuthn should prevent any unauthorized access to their account (but I do not recommend it, of course).
  5. Flexible authentication solution for Rails with Warden.

    In this article, I will demonstrate how to implement WebAuthn with Devise, a popular authentication library for Rails. All the mentioned options (security keys, Windows Hello, and Apple Touch/Face ID) will be available to use within the application.
  6. Font Awesome makes it easy to add vector icons and social logos to your website. And version 5 is redesigned and built from the ground up!

    For some styling and icons, I used Tailwind CSS 2 and Font Awesome 5 in a free version.
  7. Bitwarden is a free and open source password management solution for individuals, teams, and business organizations.

    freemium $10.0 / Annually (Premium)

    The most common MFA methods utilize OTPs via SMS (which are not as secure as they seem to be) or an authenticator application, such as the Google Authenticator app, or a modern password manager (such as Bitwarden or 1Password).
  8. 1Password can create strong, unique passwords for you, remember them, and restore them, all directly in your web browser.

    paid Free Trial $36.0 / Annually

    The most common MFA methods utilize OTPs via SMS (which are not as secure as they seem to be) or an authenticator application, such as the Google Authenticator app, or a modern password manager (such as Bitwarden or 1Password).