fido – Page 5 – WindowsTechs.com

OpenSSH eases admin hassles with FIDO U2F token support

Posted on February 19, 2020 by John E Dunn

OpenSSH version 8.2 is out and the big news is that the world’s most popular remote management software now supports authentication using any FIDO (Fast Identity Online) U2F hardware token. Continue reading OpenSSH eases admin hassles with FIDO U2F token support→

Apple Joins FIDO Alliance to Eliminate Passwords

Posted on February 12, 2020 by Michael Vizard

The Fast Identity Online (FIDO) standard for authenticating browsers that reduces the reliance of passwords to access applications and devices advanced this week after an endorsement from Apple. The FIDO standard consists of a Universal Second Factor … Continue reading Apple Joins FIDO Alliance to Eliminate Passwords→

Google launches open-source security key project, OpenSK

Posted on February 3, 2020 by Danny Bradbury

OpenSK is a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key. Continue reading Google launches open-source security key project, OpenSK→

How does the attestation mechanism of U2F guarantee the provenance of the key material?

Posted on January 23, 2020 by Dan Lenski

I’m trying to understand Yubico’s documentation of the U2F standard, and getting hung up on the PIV attestation piece.

The security claim appears to be that the authoritatively-signed attestation certificate sent by the device upon regist… Continue reading How does the attestation mechanism of U2F guarantee the provenance of the key material?→

Google Account Security Keys Launch for iPhone

Posted on January 16, 2020 by Tara Seals

iPhone users can now use Bluetooth to secure their Google accounts. Continue reading Google Account Security Keys Launch for iPhone→

WebAuthn Variation with non-connect dongle Authenticator

Posted on December 16, 2019 by mazecreator

As I read through the WebAuthn / FIDO2 documentation, it appears the authentication is done on the local device to create an attestation to the FIDO server. This future implies the “biometrics” or other Authenticator means m… Continue reading WebAuthn Variation with non-connect dongle Authenticator→

Apple iOS 13.3 is here, bringing support for keyfobby authentication

Posted on December 12, 2019 by Lisa Vaas

Bullet-proof authentication is just a tap away! Continue reading Apple iOS 13.3 is here, bringing support for keyfobby authentication→

Does injecting my own key material into the authenticator undermine authenticator’s attestation?

Posted on November 7, 2019 by Dmitry Frank

I’d like to be able to inject my own key material in the FIDO2 authenticator; at the very least it will remove the need to trust the vendor (because we have no guarantee whether the vendor keeps copies of the keys to themselv… Continue reading Does injecting my own key material into the authenticator undermine authenticator’s attestation?→

FIDO and FIDO2 differences

Posted on November 5, 2019 by Filipe Rodrigues

I’ve been reading both FIDO and FIDO2 specs for a while tring to understand the similarities and differences between both. Here is how I broke it down so far:

FIDO: First iteration in creating a cross industry standard for passwordless … Continue reading FIDO and FIDO2 differences→

Practicality of Direct Anonymous Attestation

Posted on November 2, 2019 by Consy

DAA (Direct Anonymous Attestation) is not the only scheme to achieve anonymous attestation. In general, these schemes allow an entity to stay anonymous throughout the attestation process. The concern here is not the attestati… Continue reading Practicality of Direct Anonymous Attestation→