FIDO

FIDO (Fast Identity Online)

  • Uses a public/private key pair generated when the device is added for 2FA

SSH key in FIDO: https://gist.github.com/Kranzes/be4fffba5da3799ee93134dc68a4c67b

Universal Authentication Framework (UAF) protocol

  • Used to implement biometric authentication instead of a password.

Universal Second Factor (U2F) protocol

  • Similar to OTP

Client to Authenticator Protocol 2 (CTAP2)

  • This is the protocol that the YubiKey uses to communicate with the computer.
    • Usually over USB, NFC or Bluetooth

Web Authentication (WebAuthn)

  • Allows a Web Server to authenticate a user with a YubiKey
  • This is generalized and can use other authentication mechanisms like biometrics or Face Identification

User Presence vs User Verification
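
The two terms map to bits in the flags byte of the WebAuthn authenticator data: UP (bit 0) means someone physically interacted with the authenticator, UV (bit 2) means the authenticator also verified the user with a PIN or biometric. The server-side check below is an added example, not part of the original notes; the function names, the `example.com` RP ID and the sample bytes are constructed for illustration.

```python
import hashlib
import struct

# Flag bits in the authenticatorData flags byte (WebAuthn spec).
FLAG_UP = 0x01  # User Present: someone touched/activated the authenticator
FLAG_UV = 0x04  # User Verified: PIN or biometric checked on the authenticator


def parse_authenticator_data(auth_data: bytes) -> dict:
    """Split the fixed header: rpIdHash(32) | flags(1) | signCount(4, big-endian)."""
    if len(auth_data) < 37:
        raise ValueError("authenticatorData shorter than 37 bytes")
    rp_id_hash = auth_data[:32]
    flags, sign_count = struct.unpack(">BI", auth_data[32:37])
    return {
        "rp_id_hash": rp_id_hash,
        "user_present": bool(flags & FLAG_UP),
        "user_verified": bool(flags & FLAG_UV),
        "sign_count": sign_count,
    }


def check_assertion_flags(auth_data: bytes, rp_id: str, require_uv: bool) -> dict:
    """Relying-party checks on the header; signature verification is a separate step."""
    parsed = parse_authenticator_data(auth_data)
    # The hash binds the assertion to this site's RP ID.
    if parsed["rp_id_hash"] != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match this relying party")
    if not parsed["user_present"]:
        raise ValueError("UP flag not set")
    # A touch alone proves presence, not identity; policy decides whether UV is needed.
    if require_uv and not parsed["user_verified"]:
        raise ValueError("UV required by policy but flag not set")
    return parsed


def build_sample(rp_id: str, flags: int, sign_count: int) -> bytes:
    """Constructed sample authenticatorData (not captured from a real device)."""
    return hashlib.sha256(rp_id.encode()).digest() + struct.pack(">BI", flags, sign_count)


if __name__ == "__main__":
    touch_only = build_sample("example.com", FLAG_UP, 7)
    print(check_assertion_flags(touch_only, "example.com", require_uv=False))
```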

FIDO 2

  • New Protocol
  • Can be used for passwordless authentication