FIDO authentication is the answer to the world's password problem. More specifically it is an authentication protocol created by the FIDO Alliance. It replaces the typical password-only online login with other more secure and much faster login options.
Considering the importance and benefits of FIDO authentication, we wanted to give you a quick list of the top 10 things you need to know about it. Let’s take a look:
1 - FIDO Authentication Mitigates the Most Common Cybersecurity Threats
Cyber-attacks like, Phishing, Man-In-The-Middle and Man-In-The-Browser are a massive threat to regular online authentication. However, password-less options offered by FIDO Authentication have successfully reduced the risks for having such types of attacks.
2 - FIDO Authentication Could Replace Passwords with Biometrics
This creates a better user experience. However, it also stores credentials on the user's device, eliminating the fear that centralized storage, which is out of the user's reach, will be compromised.
3 - The FIDO Alliance is Comprised of Over 250 Leading Organizations
Some of these are the world’s leading vendors, relying parties, service providers, platform and browser providers like Google, Firefox, and Microsoft.
4 - FIDO Alliance uses 3 Sets of Specifications
The first is the Universal Authentication Framework (UAF) that’s made to provide a password-less experience with plug-in and built-in authenticators. The Universal Second Factor (U2F) boosts the security that password-based mechanisms provide by offering a second factor authentication option. The last is the Client to Authenticator Protocol (CTAP) - introduced in FIDO2, which expands the UAF and U2F functions by providing an out-of-device authenticator.
5 - The FIDO Alliance Collaborated with the World Wide Web Consortium (W3C)
This collaboration has standardized FIDO for all major browsers by creating the WebAuthn that includes an extension to the existing Credential Management API, which stores username-password combinations.
6 - Microsoft Supports FIDO in Several Key Ways
FIDO is supported in Windows 10 with security features like Microsoft Passport, Windows Hello, and with web authentication API support in Microsoft Edge.
7 - FIDO Authentication Is Usually Described as the Best Multi-Factor Authentication Method on the Market
That’s because FIDO is one of the few that takes into account many practices that are in common use today, like JavaScript in browsers, the ubiquity of web applications, the prevalence of USB ports, and more. Most importantly, the system has solved the problem of passwords and other shared secret authentication methods, which are never secure enough.
8 - People Are Increasingly Using Smartphones as Their Primary FIDO Authenticators
This is good because smartphones are extremely encryption-capable today, and FIDO has taken this into account when creating their multi-factor authentication scheme.
9 - Manufacturers of Android Smartphones Embed UAF Authenticators Today
Most new Android phones, like the ones made by Sony and Samsung, include UAF authenticators in their phones to provide stronger authentication for users.
10 - FIDO Has the Option to Combine Hardware-based Authentication with an Additional Factor
This additional factor is usually a PIN that's needed only to unlock a security key. It differs from a password because it's stored locally on a device and not sent to the service for validation. All of that is performed locally with FIDO.
Finally, FIDO Alliance defines a certification program intended to provide more confidence in the techonology. Nevertheless, this program requires yet another Top 10 things you should know about the security assurance levels and how they affect different implementation of FIDO.
Stay tuned...