Accelerating Authentication Architecture: Taking Passwordless to the Next Level

A slow-loading widget was crippling their passwordless login. See how a new architecture using materialized views cut load times from 500ms down to a blazing-fast 14ms.

#1about 3 minutes

Understanding passwordless authentication technologies

An overview of the core concepts behind passwordless authentication, including FIDO2, WebAuthn, and Passkeys.

#2about 3 minutes

How the initial passwordless solution worked

A high-level look at the original architecture where a user interacts with a widget that triggers a multi-step authentication process involving a customer's user database.

#3about 2 minutes

Identifying the widget's performance bottleneck

The authentication widget loaded with a noticeable delay or sometimes not at all, creating a poor user experience that undermined the speed of passwordless login.

#4about 2 minutes

Analyzing the legacy loading architecture

The previous solution suffered from high latency and request dependencies by loading an SDK, translations, and dynamic configurations in separate network calls.

#5about 2 minutes

Applying design patterns for performance optimization

The materialized view and server-side composition patterns provide a theoretical framework for pre-calculating data and bundling resources to reduce requests.

#6about 4 minutes

Building the new high-performance architecture

A new architecture was designed using a "baking server" microservice to pre-compose all necessary resources into a single file stored in Redis for fast retrieval.

#7about 5 minutes

Scaling the solution with a CDN and request collapsing

AWS CloudFront was placed in front of the baking server to handle massive scale, using request collapsing to prevent the origin from being overwhelmed during traffic spikes.

#8about 5 minutes

Solving the Redis hotkey bottleneck at scale

High traffic to a single Redis key caused network allowance issues, which was solved by sharding the key, adding an in-memory cache, and using CloudFront's Origin Shield.

#9about 3 minutes

Keeping cached data fresh with CDN invalidation

A Redis pub/sub mechanism triggers programmatic CDN invalidations whenever customer configurations change, ensuring users see updates within minutes.

#10about 5 minutes

Reviewing results and key architectural takeaways

The new architecture reduced widget load time from over half a second to 14 milliseconds by leveraging existing components, using observability, and adapting design patterns.

#11about 11 minutes

Q&A on career path and the future of passwordless

A discussion on transitioning into a DevOps role, the industry-wide shift towards passwordless authentication, and balancing user convenience with security.

#12about 6 minutes

Q&A on business drivers and implementation

An exploration of the business motivation for passwordless adoption, such as increasing conversion rates, and the technical challenges of ensuring a secure and seamless user experience.