Recent academic research has revealed new insights into the security considerations surrounding FIDO2 authentication and synced passkeys, highlighting both the strengths and potential vulnerabilities of current authentication systems. The analysis comes at a time when major technology companies are increasingly adopting passkey technology, with Microsoft reporting login times three times faster than traditional passwords.

Formal methods analysis of the FIDO2 standard has revealed potential weaknesses in the underlying protocols that warrant attention from security professionals. The research particularly focuses on the implementation of synced passkeys, which enable cross-device access through passkey providers. These findings support recent expert warnings about interoperability concerns in FIDO2 implementations.


More

PhonAndroid: 3.2bn Hacked Login and Passwords Have Leaked: Check if Your Email is Part of It

This article discusses the COMB breach with some tips and advice to secure your identity…

Read More →

Raconteur: Holding Customers Accountable for Authentication

Andrew Shikiar, executive director at FIDO Alliance, a global consortium working on the creation of…

Read More →

CSO Online: FIDO Explained: How this Industry Initiative Aims to Make Passwords Obsolete

The FIDO Alliance came together in 2013 as security pros working at PayPal, Lenovo, and…

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.