Andrew Shikiar, CEO of the FIDO Alliance, noted that the updated NIST guidance confirms passkeys’ ability, along with other FIDO authenticators, to meet AAL2 and AAL3 requirements. Synchronized passkeys can achieve AAL2, while device-bound passkeys can reach AAL3.


More

The Verge: You can now sign into a Microsoft Account without a password using a security key

Microsoft is the first company to support passwordless authentication using FIDO2 WebAuthn and CTAP2 standards…

Read More →

Bank Info Security: State of the Authentication Landscape

In this Bank Info Security article, Shane Weeden, an authentication expert with IBM Security, discusses…

Read More →

Tech Target: How can U2F authentication end phishing attacks?

Tech Target reports on Google’s adoption of FIDO U2F security keys as a strategy to…

Read More →