FIDO, the protocol behind Google's Security Key, expected to lead the anti-password push

Shawn Knight

TechSpot Staff
Staff member
Fast Identification Online, or FIDO for short, is the key protocol behind the Google Security Key USB drive announced in October. That device was part of a two-factor authentication system that assisted in verifying an identity when logging into Gmail,...

[newwindow="https://www.techspot.com/news/59112-fido-protocol-behind-google-security-key-expected-lead.html"]Read more[/newwindow]
 

ikesmasher

TS Evangelist
I feel like for securitys sake, we should switch to a type of "plug" that doesnt have a security flaw its its fundamental firmware?
 
  • Like
Reactions: Arris

Arris

TS Evangelist
Nah, there is a security flaw with USB where malware/spyware can be loaded onto via this flaw.
Our company has just had a no USB device policy and restrictions implemented to prevent their use rolled out because of this. Don't think they'll be too keen to then rollout a system opening up USB again.
 

Cryptodd

TS Rookie
Note that there are two protocols - U2F (what Google is using with Yubico tokens) and UAF (what Paypay/Alipay use to authenticate users to their mobile phones + applications. This isn't just a Google focused standard (U2F) but also goes to a wider authentication ecosystem with UAF.