x0x0

Any news regarding FIDO2 / WebAuth?

+10 for YubikKey, and especially for Yubikey Bio (FIDO2 / WebAuth) because: When logging into e.g. the web app, the user has to write a code from the 2FA authenticator app (when it's enabled). This method is slow and introduces human errors such as writing the wrong code, or missing the timing of the authenticator app code, since these codes change regulary. I would love to have the option to be able to add hardware-based tokens such as a YubiKey Bio token, instead of having to use authenticator codes. By using a hardware token users will save a lot of time, get better login experience in addition to increasing their security. YubiKey Bio series supports FIDO2/WebAuthn, U2F and one can read more on their home page about this. To support FIDO2, fidoalliance.org writes the following: "For developers with existing web pages or applications that are looking to implement FIDO2, there are two changes that you will have to make to your application: 1) modifying the login and registration pages of your website or mobile application to use the FIDO protocols; and 2) setup a FIDO server to authenticate any FIDO registration or authentication requests. Get a high-level overview of the steps to take for both of those changes here." Best regards