Highest Voted 'fido' Questions - IT Security Stack Exchange

2

votes

0 answers

Can an Android Phone be used as a Windows Hello Security Key?

Microsoft Windows 10 does support physical security keys since some time. Google recently announced that Android phones can be used as security keys as well (primarily for their own services). Is there a way that these two play together, i.e. can I…

asked Sep 28 '19 at 10:43

Christopher Oezbek

131
5

2

votes

1 answer

Is using WebAuthn alone considered as two factor authentication?

Will using WebAuthn for an application make it two factor? I am specifically interested in using Ondevice biometrics and achieve passwordless authentication. For a true two factor authentication you need one to use two of the three forms of…

authentication multi-factor fido

asked Dec 12 '18 at 07:56

Nataraj Rao

21
1

2

votes

1 answer

FIDO2 on Windows: Why do I need a TPM?

I just installed the Windows 10 1809 update, which includes support for FIDO2 passwordless sign-in. I own a Yubikey 5, which supports this standard. However, I am not able to set up Windows Hello, a prerequisite for FIDO2 sign-in, because my PC…

windows-10 tpm fido

asked Nov 27 '18 at 22:14

Daniel Causebrook

121
5

2

votes

1 answer

Webauthn configuration differences in Firefox

I'm trying to understand what the different configuration elements mean in Mozilla Firefox. There was an announcement recently from Dropbox that they had enabled support for WebAuthn. I tried logging in-to DropBox using my U2F key that I'd…

firefox u2f fido

asked May 12 '18 at 04:39

eternaltyro

817
7
16

2

votes

1 answer

Why doesn't a device with x509/PKCS#11 and U2F exist?

I've been looking for a device, smartcard or USB that does two things: provide storage to a private digital signature key (used with in a standard x509 certificate) for signing documents provide U2F credentials for authentication with web…

public-key-infrastructure digital-signature u2f fido

asked Jul 07 '17 at 15:31

marianov

121
2

1

vote

1 answer

Why isn't U2F's CTAP protocol forwards-compatible with FIDO2's CTAP protocol?

I've been trying to find the major differences between "U2F" versus "FIDO2" two-factor authentication standards. Reading some of the articles posted by different companies and even the FIDO site itself give the impression that the main work of the…

protocols u2f fido fido2

asked Apr 07 '21 at 19:00

natevw

131
5

1

vote

1 answer

Implementing FIDO2 (WebAuthN) in Native iOS

I am currently investigating the idea of implementing FIDO2 (WebAuthN) support in native iOS using Swift. I understand that there is no FIDO2 support in native iOS, and only available through Safari native app, but Safari is not an option that I'm…

ios fido webauthn fido2

asked Oct 30 '20 at 22:47

Go James

11
2

1

vote

0 answers

FIDO2 - Where do Android and IOS platform authenticators store private key credentials?

I'm new to FIDO2 specification. I'm aware that Android and IOS devices support FIDO2 protocols (even Android phones could act as a physical key for FIDO2 authentication). However, Could anyone let me know that, when we use the platform…

android ios fido fido2

asked Jul 22 '20 at 08:44

Danh Thanh Nguyen

11
2

1

vote

0 answers

WebAuthn Variation with non-connect dongle Authenticator

As I read through the WebAuthn / FIDO2 documentation, it appears the authentication is done on the local device to create an attestation to the FIDO server. This future implies the "biometrics" or other Authenticator means must be connected to the…

fido webauthn fido2

asked Dec 16 '19 at 15:53

mazecreator

111
2

1

vote

0 answers

Practicality of Direct Anonymous Attestation

DAA (Direct Anonymous Attestation) is not the only scheme to achieve anonymous attestation. In general, these schemes allow an entity to stay anonymous throughout the attestation process. The concern here is not the attestation but key revocation.…

anonymity tpm fido fido2

asked Nov 02 '19 at 23:11

Consy

111
3

1

vote

2 answers

Hardware security key with locked down usb slots

I would like to use hardware security keys in an environment where it is additionally needed to lock down any ways in which a user could download data to a device like a usb key. Is it possible to lock down a usb slot in a way, that file transfer is…

yubikey u2f fido

asked Jun 22 '19 at 18:59

Elsie

25
3

1

vote

1 answer

FIDO2: will FIDO foundation MDS 1.0 metadata statements be migrated to MDS 2.0?

The FIDO foundation provides with metadata web service for UAF (MDS 1.0, https://mds.fidoalliance.org/) and a new web services for FIDO2 / WebAuthn metadata (MDS 2.0, see https://fidoalliance.org/metadata/). Metadata of some authenticators are only…

fido web-authentication webauthn

asked May 22 '19 at 17:18

Tangui

403
2
6

1

vote

1 answer

Does FIDO2 token works as two-factor on password-less authentication?

As authentication factors, I know the following You are (e.g. Biometrics) You have (e.g. USB) You know (e.g. Password) If I use a FIDO2 certified fingerprint reader for password-less authentication with user verification required option, can I…

authentication multi-factor fido

asked Mar 26 '19 at 06:48

Daichi

113
5

1

vote

1 answer

A FIDO U2F Device relies on public/private keys. Do they expire like in regular x509 certificates?

A FIDO U2F Device relies on public/private keys. Do they expire like in regular x509 certificates ?

u2f fido

asked Oct 29 '18 at 17:26

onairda

113
3

1

vote

1 answer

Handling the loss of a phone with FIDO UAF

I would like to know how this UAF method works when we lose our phone. With Google Authenticator we have to save on a paper some info about the generation of the secret key. But how does this work with UAF? If you have also some website that…

authentication websites fido

asked Mar 08 '18 at 15:38

AndoKarim

103
1
5

Questions tagged [fido]