Code Room
System design | Hard | sd-g229
Subject: Authentication
Level: Senior–Staff
Time: ~40 min
Common in Security interviews
Industries: Technology, Software development

Question

Design a passkey (WebAuthn/FIDO2) authentication system to replace passwords for a 100M-user consumer product, while keeping a graceful fallback for users who lose their device or are on an unsupported platform. Requirements: phishing-resistant login, credentials sync across a user's devices, and account recovery that doesn't reintroduce a phishable shared secret. Walk through registration and login, where the public-key credentials live and how they're looked up at login, the cross-device/sync story, and the hardest problem — account recovery.

What a strong answer looks like

Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.
