Security News

Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich. FIDO2 is the second major version of the Fast IDentity Online authentication standard, and FIDO2 keys are used for passwordless authentication and as a multi-factor authentication element.

Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. "This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck said.

The FIDO Alliance's Andrew Shikiar explains how passkeys are quickly replacing passwords as the next-generation login, a low friction, high security protocol for any device. When the FIDO Alliance holds its virtual Authenticate Virtual Summit on passkeys event this week, the focus will be on how enterprises are shifting away from passwords to the new passkey standards and technical innovations, constituting the latest advance in public key cryptography.

Microsoft has released the optional KB5017380 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and enhancements, including a new FIDO2 and Windows Hello authentication features. The KB5017380 cumulative update preview is part of Microsoft's September 2022 monthly "C" update, allowing admins to test upcoming fixes released in the October 2022 Patch Tuesday.

In FIDO2 multi-factor authentication, platform authenticators aim to be the answer to our usability woes, but do they improve the user experience and are they enterprise ready? In this article, we'll dive into the world of FIDO2 authenticators, the problems that still exist and how these create major roadblocks for enterprises widely adopting FIDO2. FIDO2 improves on U2F in many ways, but arguably the most important is the introduction of the platform authenticator, which aims to solve the usability problems.

The FIDO Alliance announced its first user experience guidelines and new FIDO2 standards enhancements aimed at accelerating the world's move beyond passwords. The FIDO UX guidelines provide that path, allowing service providers to help consumers understand, adopt and benefit from logging in with FIDO. At the same time, the increase in remote work and subsequent increase in phishing attacks on their infrastructure is accelerating enterprises' digital transformation plans and making strong authentication a priority.

Akamai Technologies announced the launch of Akamai MFA, a phish-proof solution designed to enable enterprises to quickly deploy FIDO2 multi-factor authentication without the need to deploy and manage hardware security keys. Akamai MFA uses a smartphone application that transforms existing smartphones into a hardware security key to deliver a frictionless user experience.

If you've purchased a FEITIAN FIDO2 device and can't seem to get it working with Linux, Jack Wallen shows you how. That's fundamentally how FIDO2 works, and there are plenty of companies that make such devices.

Identiv announced the launch of its new industrial-strength, government-grade uTrust FIDO2 NFC Security Keys, providing simple, strong authentication that eliminates the need for passwords, resists phishing attacks, and protects user credentials. Identiv's uTrust FIDO2 NFC Security Keys are built in the U.S. and adhere to the highest standards, unlike other leading FIDO security key providers.

Hybrid environments can now join the preview party for FIDO2 support in Azure Active Directory. One way to move on is via a FIDO2 security key; the FIDO alliance has already signed up the likes of Google and Mozilla for browser authentication and back in October 2019 Microsoft unveiled a preview of FIDO2 security support in Azure Active Directory.