I wanted a simple user management system to prototype websites for prospects. My research started with
Use cookie authentication without ASP.NET Core Identity and
AspNetCore.Docs/ aspnetcore/ security/ authentication/ cookie/ samples/ 3.x/ CookieSample/. The MS
Docs article and GitHub example only authenticate a hard coded user. There is a lot more to consider when you
store user information in a database. This series will present and attempt to mitigate some of the issues when you
persist users to a database.
I developed KH Authenticator, an application which registers and authenticates a user without a password or email address.
The authentication process qualifies as multifactor. The application is installed on something you have. To access the online
account, you must provide a PIN (something you know) or a recognized fingerprint scan (something you are). The KH
Authenticator application is developed with Visual Studio 2022 and .NET MAUI and is available for Windows and
Android. See KH Authenticator Server. Version 2.x of
the project implements the KH Authenticator API.
The Users Without Identity Project (UWIP) implements ASP.NET Core 6.0 with Visual Studio 2022.
Version 2.x of the project implements the ASP.NET Core 6.0 - Homegrown Analytics Project and multiple email
addresses per user. Users can self-manage passwords, email addresses, authenticators, and security in Manage
Account. Admins can list and manage users, email addresses, authenticators, and histories. Details, screenshots,
change log, and related articles can be found at
ASP.NET Core 6.0 - Users Without Identity Project.