Recent academic research has revealed new insights into the security considerations surrounding FIDO2 authentication and synced passkeys, highlighting both the strengths and potential vulnerabilities of current authentication systems. The analysis comes at a time when major technology companies are increasingly adopting passkey technology, with Microsoft reporting login times three times faster than traditional passwords.

Formal methods analysis of the FIDO2 standard has revealed potential weaknesses in the underlying protocols that warrant attention from security professionals. The research particularly focuses on the implementation of synced passkeys, which enable cross-device access through passkey providers. These findings support recent expert warnings about interoperability concerns in FIDO2 implementations.


More

Mobile ID World: FIDO Alliance Sharpens Passkey Trust With New Metadata Service Rules

The FIDO Alliance is tightening how relying parties evaluate passkeys and other FIDO authenticators, rolling out new…

Read More →

Biometric Update: FIDO Alliance broadens scope with new digital credentials work, deployments

The FIDO Alliance is leveling up. Several announcements show the passwordless-focused organization evolving, as it expands beyond…

Read More →

The Register: Death to one-time text codes: Passkeys are the new hotness in MFA

Whether you’re logging into your bank, health insurance, or even your email, most services today…

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.