FIDO U2F

From MgmtWiki

Revision as of 12:39, 30 August 2018 by Tom (talk | contribs) (→‎Problems)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Contents

1 Full Title or Meme
2 Context
3 Problems
4 Solutions
5 References

Full Title or Meme

A family of standard^[1] for adding more factors to an existing interchange.

Context

This spec is partially succeeded by Web Authentication.

Problems

Existing Authentication protocols based on a User Name and Password are insufficient in a world were so many Users depend on the internet for so much of their daily lives. The first attempt at Multi-factor Authentication was Smart Cards using X.509 Certificates. This scheme worked for large Enterprises but was never accepted by regular Consumers of the internet.

Solutions

Universal Serial Bus (USB) tokens are now widely available, most allow late binding of the user to the Web Site that requires this factor of Authentication.

"Why Johnny Doesn’t Use Two Factor: A Two-Phase Usability Study of the FIDO U2F Security Key" https://fc18.ifca.ai/preproceedings/111.pdf

References

Angelo Liao +1, Introducing Web Authentication in Microsoft Edge. (2018-07-30) Microsoft https://blogs.windows.com/msedgedev/2018/07/30/introducing-web-authentication-microsoft-edge/
Also see the page FIDO UAF for the Universal Authentication description.

↑ FIDO Index of /specs/ https://fidoalliance.org/specs/

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=FIDO_U2F&oldid=2894"