For years, the password has been the standard in terms of identification while offering little guarantee. To secure access it has become essential to implement a second authentication factor. Despite this, security flaws have been discovered in 2019 on some types of dual authentication. FIDO2 may provide the answer...
How secure is your organization's authentication model?
For years, the password has been the standard in terms of identification while offering little guarantee. To secure access, it has become essential to implement a second authentication factor. However, the management of complex passwords remains difficult. Security flaws have also been discovered in 2019 on some types of dual authentication. (applications/sms)
In 2012 the FIDO alliance was created to try to establish a password-free authentication protocol. Four years later the alliance continues its work with an ambitious goal of creating a recognized standard for strong authentication on the internet.
The FIDO2 standard is the new standard that allows to replace the weak identification based on passwords by a strong authentication, via a hardware using public key cryptography (asymmetric).
In 2019, Microsoft offers the public preview of Azure AD's support for FIDO2-based passwordless login, and in March the feature is offered in stable release and for production use.
Fido2 is the strongest standards-based authentication method available. It remedies traditional security flaws by eliminating the risks of phishing and MITM attacks.
Starting this spring, Microsoft will allow people to delete their old passwords and go completely password-free.
Advantages of the Fido2 key:
The key offers the possibility of logging into different accounts and authenticating without a password, and is impossible to hack, making it impossible to steal your data.
In case of loss of the key it remains unusable because it is protected with a Pin code or a fingerprint depending on the type of key.
No password reset management because there is no password anymore!
Solution Management:
Administrators can now activate the self-service solution for all users or a specific user group. It is possible for the administrator to delete a key if the user has reported it stolen.
Microsoft has introduced several monitoring solutions to manage FIDO2 keys, which gives you the flexibility to integrate it into your solution.
Many sites or services have already integrated the use of this type of key.
Need a demonstration or a specific study for your needs? Contact us for a demonstration or a specific study for your needs.
PATRICE COUEDEL
Micropole - Go Cloud & Security
