FIDO Authentication highlighted for updated phishing-resistant authentication requirements 

The FIDO Alliance endorses The U.S. Office of Management and Budget’s finalized Federal Zero Trust Strategy, supporting their efforts to implement stronger cybersecurity methods across government agencies. The Federal Zero Trust Strategy now requires agencies to use phishing-resistant multi-factor authentication (MFA) to access agency-hosted accounts, highlighting FIDO Authentication as a quality option to ensure user security. Notably, the OMB also recommends this approach in environments where the use of Personal Identity Verification (PIV) isn’t feasible. 

“The Federal Zero Trust Strategy provides a robust roadmap for agencies to follow to ensure best practices in creating a zero trust environment. The FIDO Alliance commends the Office of Management and Budget for requiring phishing-resistant authentication to protect agencies as phishing attacks become significantly more sophisticated – including the increasingly common ability to bypass legacy MFA approaches such as OTPs,” said Andrew Shikiar, executive director of the FIDO Alliance. “Authentication is a critical component of any zero trust architecture. As cited by OMB, FIDO Security Keys and authenticators present a practical alternative to PIV and can provide agencies with a rapidly deployable solution to harden their defenses against hackers armed with increasingly sophisticated and persistent threat campaigns.”

WHO: The FIDO Alliance

WHAT: The OMB’s Federal Zero Trust Strategy, which aims to accelerate the migration of U.S. Government agencies towards zero trust cybersecurity principles, mandates the use of phishing-resistant authentication, such as FIDO Authentication. This serves as yet another example of the government recognizing the importance of not only MFA, but phishing-resistant MFA to secure accounts.

As the OMB initiates this paradigm shift in how Federal agencies approach cybersecurity, the broader adoption of FIDO Authentication will provide simpler and more secure authentication for agencies, especially as enterprise users continue to be the most valuable targets for phishing.

WHEN: The OMB released its final Federal Zero Trust Strategy on January 26, 2022. As detailed in the strategy, agencies are required to achieve the zero trust security goals outlined in the strategy by the end of 2024.

About the FIDO Alliance

The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance is changing the nature of authentication with standards for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO Authentication is stronger, private, and easier to use when authenticating to online services.

PR Contact
press@fidoalliance.org


More

New Data Finds Brands are Losing Younger Customers Due to Password Pain, as Passkeys Gain Mainstream Momentum

Global FIDO Alliance study reveals latest consumer trends and attitudes towards authentication methods and their…

Read More →

The FIDO Alliance Launches Comprehensive Web Resource to Accelerate Passkey Adoption

Passkey Central provides leaders with education about passkeys and steps to implement them for consumer…

Read More →

FIDO Alliance Publishes New Specifications to Promote User Choice and Enhanced UX for Passkeys

The FIDO Alliance has published a working draft of a new set of specifications for…

Read More →


12366 Next