![]() ![]() ![]() are already using WebAuthn with many more services becoming compatible with this new standard every month. Everything from identity providers like Microsoft and Okta to consumer services like Twitter, GitHub, etc. WebAuthn creates a standard for web-based applications and web services to use public-key cryptography. It was officially made a web standard on March 4, 2019, to great fanfare in the identity and access management community. The W3C worked on the WebAuthn web authentication standard which forms the core of FIDO2. FIDO2 is actually composed of two different components, WebAuthn and CTAP2. The FIDO2 authentication standard is the result of many years of work. They wanted to actualize the death of the password. It is a joint effort by the Fast IDentity Online Alliance (FIDO Alliance) and the World Wide Web Consortium (W3C) who had a mission to make web authentication stronger in an era where passwords are the biggest vectors for compromise in both our personal and corporate lives. What is FIDO2 and why should I care?įIDO2 is a new open authentication standard for both consumer services and enterprises. Congrats to the team on delivering this capability and a BIG thanks to Swaroop Krishnamurthy (Principal PM Manager at Microsoft) and Libby Brown (Senior Program Manager, Cloud Authentication Team at Microsoft) for letting me give some early feedback. This capability in now in Public Preview for all Azure AD customers as of July 2019. In the upcoming years, your company will undoubtedly be migrating to a combination of these access management solutions if not already using them. Of these, FIDO2 is the non-proprietary method and can be used with other IdPs (identity providers), non-Microsoft environments, as well as many consumer web services which means all-around security for your users. The future state of password-less authentication for Microsoft Windows enterprise environments will be a combination of 3 options:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |