Security News

In this Help Net Security video, Jason Kent, Director at Open Seas, explains why FIDO and passwordless authentication is the future. He dives deep into the technical reasons and explains why physical FIDO authentication is safer than other software/app/SMS solutions.

Today, Microsoft, Apple, and Google announced plans to support a common passwordless sign-in standard developed by the World Wide Web Consortium and the FIDO Alliance. "These multi-device FIDO credentials, sometimes referred to as passkeys, represent a monumental step toward a world without passwords," added Microsoft Identity Division Vice President Alex Simons.

At the heart of the matter: proposed WebAuthn changes that will smooth the traditional security-versus-usability trade-off that users face when considering FIDO. While FIDO can deliver better security, users have hoops to jump through, FIDO said, including the need to adopt a security key - for example, the fobs sold by Yubico - as an authentication device. Nearly a decade ago, FIDO made it its mission to fight stale, plaintext passwords and create a new, interoperable system of authentication technologies.

The FIDO Alliance has been trying to eliminate passwords since its inception in 2012. FIDO has a long history of authentication innovation, being responsible for the USB hardware keys that were everywhere for a while, as well as being part of the team that published the WebAuthn security specification.

LoginID announced additional SDK options for developers. These SDKs empower developers to integrate FIDO strong authentication into their websites or apps.

The FIDO Alliance, which operates with no smaller mission than to "Reduce the world's over-reliance on passwords", has announced the release of new user experience guidelines aimed at bringing the more technophobic on board. Launched back in 2013 as the Fast Identity Online Alliance, the FIDO Alliance aims to do away with passwords altogether through the introduction of standards-compliant "Authenticators" including USB security dongles, fingerprint readers, Trusted Platform Modules and more.

The FIDO Alliance announced its first user experience guidelines and new FIDO2 standards enhancements aimed at accelerating the world's move beyond passwords. The FIDO UX guidelines provide that path, allowing service providers to help consumers understand, adopt and benefit from logging in with FIDO. At the same time, the increase in remote work and subsequent increase in phishing attacks on their infrastructure is accelerating enterprises' digital transformation plans and making strong authentication a priority.

LoginID announced additional investment from Visa on the heels of its $6M seed round from veteran payment and fintech entrepreneurs. Visa recognizes that strong authentication solutions from companies like LoginID help promote its vision to improve integrity around payments - both reducing fraud and helping merchants meet global regulatory and compliance demands.

The FIDO Alliance announced the launch of the FIDO Device Onboard protocol, a new, open IoT standard which will enable devices to simply and securely onboard to cloud and on-premise management platforms. Of the 170 IoT leaders surveyed, they found that 85% say security concerns remain a major barrier to IoT adoption.

FIDO is designed to bolster authentication assurance by "Protecting" and eliminating passwords. Here are five ways to maximize FIDO. Maximize FIDO: Use all three factors.