If you want to use multi-factor authentication in Moodle, you will surely have seen the tool_mfa plugin from Moodle Partner Catalyst IT. While it is an awesome toolbox for administrators to add various additional authentication factors to Moodle and control the application of these factors to user groups, it lacked support for WebAuthn.
Based on a joint collaboration between Moodle Partner lern.link, Moodle Partner Catalyst IT and security hardware vendor Swissbit, a WebAuthn factor was developed for and integrated into tool_mfa which allows Moodle administrators now to easily rollout support for FIDO2 sticks in Moodle and to make Moodle accounts especially of Moodle administrators and managers much more secure.
In this talk, we will give a short overview what made this upstream contribution successful and will give a short demo how authentication with FIDO2 in Moodle with tool_mfa looks like.