February 14, 2014

Can the FIDO Alliance Help Obsolete Username Password Authentication?

John Oltsik, NetworkWorld

What does this specification do? Simply stated, it provides standard protocols so that devices (like smart phones, tablets, PCs, IoT sensors, etc.) can easily participate in PKI infrastructure using just about any type of authentication technology as one of the factors. Don’t have a thumbprint reader on your phone? No problem. FIDO can find some other unique identifier (a TPM chip for example) and use this to create a key pair and act as the root of trust. Additionally, FIDO can create unique key pairs for different applications and services (i.e. Windows logon, Facebook, Paypal, etc.) and FIDO provides an abstraction layer so the actual private keys never leave the device and remain secure.

http://www.networkworld.com/community/node/84828

MORE Uncategorized


The Verge: You can now sign into a Microsoft Account without a password using a security key

Microsoft is the first company to support passwordless authentication using...

November 20, 2018

Bank Info Security: State of the Authentication Landscape

In this Bank Info Security article, Shane Weeden, an authentication...

November 6, 2018

Tech Target: How can U2F authentication end phishing attacks?

Tech Target reports on Google’s adoption of FIDO U2F security...

November 5, 2018

PC Mag: Why Passwords Might (Finally) Go Away

FIDO Alliance Executive Director Brett McDowell shares insights with PC...

October 31, 2018
Download Specs