February 3, 2023

NIST: Phishing Resistance – Protecting the keys to your kingdom

Phishing refers to a variety of attacks that are intended to convince you to forfeit sensitive data to an imposter. These attacks can take a number of different forms; from spear-phishing (which targets a specific individual within an organization), to whaling (which goes one step further and targets senior executives or leaders). Furthermore, phishing attacks take place over multiple channels or even across channels; from the more traditional email-based attacks to those using voice – vishing – to those coming via text message – smishing. Regardless of the type or channel, the intent of the attack is the same – to exploit human nature to gain control of sensitive information (citation 1). These attacks typically make use of several techniques including impersonated websites, attacker-in-the-middle, and relay or replay to achieve their desired outcome.

MORE FIDO in the News


Informatik aktuell: FIDO Passkeys 2 – in the future without a password

The FIDO Alliance is committed to making the Internet and...

September 15, 2023

TechRadar: BitWarden adds passwordless SSO

Bitwarden has now added Single Sign-On (SSO) support for trusted...


Smashing Security: 339: Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?

Podcast episode where FIDO Passkeys are mentioned and linked to.


The Green Sheet: The extraordinary life of a payment – Security checkpoints

Andrew Shikiar is quoted in the lead story of The...