No matter how many times we type it in, sometimes we forget our password.
And if you’re anything like me, you click “reset password” only to be told you can’t use an old password.
What if there was a better way to up your cyber security game and ensure your private information stays safe from a data breach? If that’s something you’re interested in, then it’s time you learned all about FIDO.
Before we dive in, let’s explain what FIDO stands for.
What does FIDO stand for?
When it comes to technology and cyber security, FIDO stands for fast identity online.
When it comes to logging into our accounts online, typing in a password and dealing with online authentication can take a long time, even if you’re dealing with password management software.
Related: Interested in password manager software, but unsure which to choose? Check out this free list, brought to you by G2! |
Because of this, FIDO allows online platforms and secure networks to move beyond requiring users to manage their identity by replacing logging in using a password with secure and fast login experiences across both websites and applications.
When using FIDO, there are two options: U2F and 2.0.
What is U2F?
U2F, also known as Universal 2nd Factor, is a strong industry standard for two-factor authentication and makes use of a physical device, similar to a USB, that you’ll use to log in to service. This provides strong security that is easy to use, while also being extremely private and cost-effective.
What is FIDO 2.0?
FIDO 2.0 is the passwordless version of FIDO U2F, meaning you won’t need any sort of password to log into services or accounts. This method supports two-factor and multi-factor user experiences, such as biometrics and PINS, as well as external authenticators, like security keys, mobile devices, and wearables.
How does FIDO work?
FIDO may seem complicated, but we’re here to break it down as simply as possible.
To provide a stronger authentication system than two-factor authentication, or even multi-factor authentication, FIDO uses standard public-key cryptography. When a user registers for an online service, the device creates a new key pair, while retaining the private key and registering the public key with the online service.
Authentication is completed by the device when the client proves possession of the private key. The private keys can only be used after they are unlocked on the device by the user. This can be done by using a fingerprint, entering a pin, speaking into a microphone, or pressing a button.
Types of FIDO
There are two main types of FIDO that you can use to both keep your data protected and use to log into various platforms: a security key and biometric technology.
Security key
The most common type of FIDO is having a physical security key. This will look similar to a USB drive and will be an actual piece of hardware that you insert into your computer to prove that you’re who you say you are.
Image Source: The Verge
While you may be concerned with losing a FIDO security key, but even if you do, whoever finds it won’t be able to use it. This is because that person would need to know what devices or accounts the key pairs with to be able use it to login.
Biometrics
The more advanced type of FIDO will use biometric authentication, such as the voice of a user, their fingerprint, or facial recognition.
An example of this is how the new MacBook Air models have a built-in TouchID fingerprint scanner so users don’t need to type in their password every time they go to login. The same can be said for FaceID on newer iPhone models.
The future of FIDO
While we don’t have a crystal ball, some predictions that can be made regarding the future of FIDO.
As technology progresses, there will likely be a shift to passwordless authentication from companies across varying industries. In a future passwordless world, a user could have their own trusted device that they use to authenticate themselves, and could potentially walk up to any device, especially a device enabled with IoT functionality, and it’ll know that the user is who they say they are.
Access granted
No one wants their data stolen or to fall victim to identity theft. With FIDO, you can have the added peace of mind that your information is secure and only you’re able to access it.
Interested in learning more about ways you can protect yourself from hackers and cyber criminals? Check out our resources on social engineering and phishing.