In the world of cybercrime, hacking accounts is a mainstay in the cyber-criminal’s playbook. But as hackers have become more advanced, so have data security methods. Enter FIDO2, the password authentication method designed to outsmart password-hacking criminals.
FIDO is an abbreviation for Fast Identity Online. The 2 just stands for the iteration of FIDO Alliance’s authentication development. The technology makes possible password-free entry to online accounts. FIDO2 users can bypass username and passcode, eliminating some of the cyber threats associated with the use of traditional login credentials.
The first requirement to use FIDO2 authentication is enrollment on a FIDO2-supported website (such as Webauthn or platform module). The next step is to select a security key on the site. This is a digital key that can unlock a user’s various accounts–essentially a very secure skeleton key.
The FIDO2 key takes the form of a peripheral device or a biometric reader set up on a user’s device. It could be a USB with a fingerprint reader, or a smartphones, laptops or tablet with touch or face ID features.
Once the user authenticates their account using traditional credentials, they can enable biometric login from the device they are using. Once the biometric login is selected and activated, it can be used to authenticate the user for subsequent logins.
The Benefits of FIDO2:
Biometric authentication is already a part of daily life for many of us, using Face and Touch ID to open password-protected devices faster and with more ease. FIDO2 extends this practice to web applications so that a single security key can be used to access thousands of online accounts.
Users no longer need to remember and type passwords across multiple accounts, which increases overall account security. And not only does FIDO2 make logging in easier, it does away with the bad habit of re-using login credentials across multiple accounts, something that makes phishing scams more likely to succeed. By replacing weak passwords with strong hardware-based authentication, FIDO2 also further protects against cyber-attacks like credential stuffing and password spraying.
While FIDO2 can be adopted by the average user or businesses, it’s important to keep in mind that this technology is still relatively new. The number of FIDO-enabled platforms is growing, but there are still a limited number of FIDO-supported sites.
Takeaways:
- FIDO2 uses a physical peripheral or embedded biometric activation that eliminates the need to enter traditional usernames and passwords.
- FIDO2 streamlines the login experience, making it easier and faster to authenticate online accounts.
- FIDO2 makes the attack window for cybercriminals significantly smaller by leveraging reliable hardware elements that guard against common password hacking cyber-attacks.