Questions tagged [fido2]
FIDO2 (Fast IDentity Online 2) is a technical specification for biometric authentication to online services, based on FIDO Alliance CTAP2 protocol and W3C consortia's WebAuthn standard. FIDO2 is based on previous FIDO Alliance project U2F
3
questions
18
votes
1
answer
7k
views
FIDO and FIDO2 differences
I've been reading both FIDO and FIDO2 specs for a while tring to understand the similarities and differences between both. Here is how I broke it down so far:
FIDO: First iteration in creating a ...
- 478
2
votes
0
answers
312
views
"Something you have" on a multi-user device - what is the opinion regarding the NIST AAL3 definition?
The NIST AAL3 specification requires
In order to authenticate at AAL3, claimants SHALL prove possession and
control of two distinct authentication factors through secure
authentication ...
- 21
3
votes
2
answers
452
views
FIDO2: should I set user verification to "discouraged" with two-factor authentication?
I provide a web application that uses FIDO2 for two-factor authentication. Recently I got reports that Windows users have to enter a PIN each time they use their hardware token. As far as I understand,...
- 153