FIDO2

FIDO2 is an open authentication standard. It is developed by the FIDO (Fast IDentity Online) Alliance. It is based on 2 specifications:

  • the W3C Web Authentication specification (WebAuthn API)
  • the Client to Authentication Protocol (CTAP2) between the authenticator and the client.

FIDO2 provides a strong passwordless authentication, with 2 authentication factors. :fire:

Let’s review the basics of FIDO2. This is only a simplified modelling of the process! :bulb:

Note: Based on original learning material from Yubico engineers.