Passwords are a form of knowledge-based authentication. For a user to prove they are who they claim to be, they need a secret — the password — that has been previously stored by the service. Multifactor authentication (MFA) is a technique designed to strengthen the authentication process by adding possession-based authentication to knowledge-based authentication. A service can only authenticate a user when they prove they have knowledge of the shared secret in addition to something they have or are. Eliminating shared secrets removes the intrinsic weakness of password-based authentication and MFA. A secure form of possession-based authentication is the best alternative. Passwordless authentication based on FIDO standards is considered the archetype. FIDO passwordless authentication is based on public-key cryptography.


More

Secure ID News: Merging FIDO and PIV could help Feds achieve strong authentication goals

This story from Secure ID News covers a recent FIDO Alliance white paper that outlines…

Read More →

FindBiometrics: FIDO Heralds Increasing Prominence of its Standards in Mobile Sector

In this article, FindBometrics reports on how the FIDO Alliance is heralding the increasing prominence…

Read More →

FindBiometrics: FIDO Gets High-Profile Endorsements at RSA 2017

FindBiometric shares highlights on FIDO from RSA 2017, including a summary of the FIDO Alliance’s…

Read More →