The Web Authentication API (also called WebAuthn) uses public-key cryptography instead of passwords or SMS for two-factor authentication in websites. In this talk, we will learn how to use the Web Authentication API, both in the browser-side as well as setting up the server-side to support WebAuthn.