#fido — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #fido, aggregated by home.social.
-
OpenAI is replacing passwords and recovery options for ChatGPT with hardware keys and passkeys.
Advanced Account Security completely disables e-mail and SMS recovery. Accounts at this tier are excluded from the training of the AI models. For cybersecurity experts in the "Trusted Access for Cyber" program, FIDO-compatible hardware binding becomes mandatory by June 2026.
#ChatGPT #OpenAI #Yubico #FIDO #AIGeneratedImage
https://www.all-ai.de/news/news26/openai-sicherheit-passwort
-
I don't want to be a curmudgeon; some of that attitude is warranted, but you still have to produce and try some things. I am working on a basic 5 page site template but also bigger efforts, addressing smb mkt, not just local break/fix mkt. Maybe the bootable nvme idea (hardened deb) with persistence and enc - a must for the road warrior but good for anyone who values security and privacy #fido #fips #extras #working drivers #vetted #pentoo #ventoy
-
The Race Is on to Keep #AI #Agents From Running Wild With Your #CreditCards
#AIagents may soon be buying your stuff for you. The #FIDO Alliance has teamed up with #Google and #Mastercard to try to ensure that #shopping in the near future isn't a complete disaster.
#security
-
The Race Is on to Keep #AI Agents From Running Wild With Your Credit Cards
#AgenticAI #cybersecurity #shopping #finance #Google #Mastercard #FIDO
-
The UK National Cyber Security Centre (NCSC) has advised that passkeys should now be consumers' first choice for authentication, and that the use of passwords should be gradually phased out.
#passkeys #ncsc #uk #technews #passwords #cybersecurity #infosec #fido
-
I'm working to aggregate some common questions about #passkeys, both from non-technical and technical perspectives. These will be used in an end user facing site in the future.
Any and all feedback is welcome.
https://forms.gle/wmaydkzmUp2eKfJG7
(also would appreciate some reposts to widen the audience)
-
I am looking for some #localFirst solution for blog authoring that would publish (all or some) posts to an ActivityPub server, like to a relay, with publishing of new versions of posts as updates.
And fetch new posts, comments, mentions, messages, and reactions, which arrive in my local-first thing as a Feed or an Inbox.
Sounds like I want "Fido with formatting and attachments" over #ActivityPub.
The #Fido part is to avoid the need to be "always online", but sync a few times per day when I have time for it
-
Are there actually any Swiss banks that allow logging in to e-banking with ordinary passkeys, without a special app that only works with Google or Apple?
#E-Banking #passkey #fido #followerpower
-
How To Safely Eject And Remove A YubiKey Or Any USB Device On Windows https://youtu.be/R5dfnhQrsD8 #Websplaining #SafelyEject #RemoveYubiKeySafely #USB #UsbDevice #Windows #WindowsPC #SafelyEjectYubiKey #SafelyRemoveYubiKey #SecurityKey #Yubico #YubiKey #EjectYubiKey #OTP #FIDO #CCID
-
How To Reset Or Set FIDO2 Pin Using YubiKey Manager App On Windows https://youtu.be/OIe04k0szCE #Websplaining #ResetFIDO2PIN #FIDO2PIN #FIDO #PIN #ResetFIDO2 #SetFIDO2PIN #SetFIDO2 #YubiKeyManager #Yubikey #YubicoYubiKey #Yubico #Windows #WindowsPC #PC #SetNewFIDO2PIN #UsbSecurityKey
-
Rogers confirms customer information has been accessed in Rogers and Fido data breach
https://mobilesyrup.com/2026/03/30/rogers-fido-customer-info-accessed-data-breach/
- - -
Rogers confirms that customer information was accessed in the data breach at Rogers and Fido // Article in English //
#Canada #Rogers #Fido #InfoSec #InformationSecurity #Cybersécurité
-
I'm currently trying Emacs and I have a question about fido-mode:
How do I enter a string which is a prefix or a different casing of a match? E.g. I want to rename FooBar.md to foobar.md. So I do M-x rename-file, press enter to select my current file FooBar.md, then in the "rename to" prompt I enter foobar.md. But this matches FooBar.md, so pressing enter results in Emacs trying to rename FooBar.md to FooBar.md.
So what do I do? I feel like there must be a key I can press to disable this. But my Google Fu leads nowhere. 😅
-
Did you know that a USB #YubiKey emulates a keyboard? Did you also know that you need to enter your PIN to unlock a YubiKey #FIDO #WebAuthn credential? Guess what happens when you connect an external USB keyboard (or something that claims it is one) to an #Apple #iPhone? Yes, the iPhone will not display the internal keyboard because… you have an external one. Leaving you with no way to enter your PIN while the YubiKey is connected. (Intermittently, it does display the keyboard for some reason.)
-
Because of #Signal, #passkeys are on everyone's lips.
But the method is considerably older than most people assume
It dates from 2013 and is called #FIDO2
#passkeys is really just a #Marketing term
#Fido stands for Fast IDentity Online
In German: "schnelle Identität bei digitalen Verbindungen" (fast identity for digital connections)
-
Shame on Apple for not allowing better multi-factor authentication than a simple text message. I do not own or use Apple devices, yet I require an Apple account, primarily for accessing their podcast service.
They only support passkeys from Apple devices and security tools? That isn't standardization nor is it openness. Apple is a member of FIDO and they owe it to their users to do better.
-
In 1994 I started university and had my first experiences with Linux and the Internet. My original question is no longer visible here, but it really doesn't get much earlier than this: https://groups.google.com/g/fido.ger.linux/c/08xn5RKsN3o/m/5zpAPA0OlTIJ
Before that I was only active on Fido-Net.
-
Biometric Yubico (Yubikey Bio) keys! let's go. An upgrade from our Yubikey 5. And some slight changes on how we authenticate for stuff everywhere.
Project underway! #cybersecurity #fido #2fa #authenticator #IT #sysadmin
-
Last year we had a wee side project to get more #OPF #digitalpreservation tools added to #InfraFinder. You can now find #fido https://infrafinder.investinopen.org/solutions/fido and #ViPER https://infrafinder.investinopen.org/solutions/viper
Big thanks to @carl on our end for putting together all the info. Great to see the results 🎉 Check out their update blog here: https://investinopen.org/blog/infra-finder-update-134-entries/
Infra Finder is a tool from @investinopen designed to increase adoption of and investment in #openinfrastructure
-
The SeedKey ecosystem, or how to improve passwordless authentication
Why is passwordless authentication with device keys not more widespread? And why are websites reluctant to adopt it? In this article we will try to work out answers to these questions, and I will describe my experiment to fix this.
https://habr.com/ru/articles/984456/
#webauthn #passkeys #беспарольная_аутентификация #passwordless #browser_extensions #fido #helm_chart #seedkey #ctap #sdk
-
If you ever mess up a `git commit --gpg-sign`, for example, because you connected the wrong FIDO key or none at all, you can find your old commit message under `.git/COMMIT_EDITMSG` before trying to commit again.
I'm a little embarrassed that I didn't realize this until this morning...
-
I can understand your assessment 100%. I went with the VPN-only option, since the apps cache the latest state.
Devices with the add-in (notebook) are, in my case, always connected via VPN to my exit node. This gives me additional features such as a web filter and my home firewall.
In general I have the following ideas:
- Use of a #fido #fido2 stick / #passkey
- #cloudflare Zero Trust tunnel with access filter
Feel free to post an update on what you decided.
-
Replacing my 2019 Yubico YubiKey 5 NFC and 5Ci with YubiKey 5C NFC variants. This time with a custom #YubiStyle
The Double Rainbow variant will be my daily driver. The Red key will serve as the backup key in case the rainbow variant breaks.
Now migrating all services from my old keys to the new keys. Lucky for me, I have documented all uses of my old keys.
-
Joost van Dijk from @yubico tells us about #OpenSSH combined with the #FIDO standard at the @nluug #najaarsconferentie. This info applies to any FIDO #securitykey, not just #yubikey.
#opensourceconference #Linuxconference #conference #conferentie #NLUUG #nluug25nj #hardwarekey
-
https://www.europesays.com/it/220062/ Brovarone: "I don't trust these players, Vanoli is a real man. Goretti is at risk" #alzata #AlzataPeso #bisogno #BisognoAlzata #BisognoAlzataPeso #brovarone #Calcio #campo #fido #Football #giocatori #goretti #IT #Italia #Italy #lì #maiuscola #MaiuscolaPasta #MaiuscolaPastaLì #mano #pasta #PastaLì #peso #responsabilità #rischia #Soccer #Sport #Sports #squadra #vanoli
-
Does somebody know *why* CTAP2.x ("FIDO2") tokens do not authenticate the key exchange to protect the transmitted PIN from the client device to the authenticator?
Background: When you enter your PIN for a FIDO2 authenticator (e.g. Yubikey), the PIN is encrypted, and only a truncated SHA-256 hash is transmitted. The encryption key is chosen by unauthenticated ephemeral ECDH key exchange. As the PINs usually have low entropy, they can be brute forced by an attacker who performs an active MITM attack.
Some smart cards (e.g. the German eID or other Biometric Passports) use PACE nowadays to protect such a key exchange with a PIN or another low-entropy secret (such as the document number) - other password authenticated key exchanges (PAKEs) would certainly be possible as well.
Are active MITM attacks considered to be negligible for the common transports (USB, NFC, Bluetooth) of WebAuthn? Or are there other reasons why a PAKE is not used?
-
@breadsmasher
Great question! "Need" probably isn't the right word. "Strongly desire" or "greatly prefer" would be more accurate.
The reason is that I have lots of different devices with different port types. Some of my newer devices only have USB-C ports, while my older devices only have USB-A ports, and I'd really like to have just "one key to rule them all," so to speak.
I know that I could buy a little USB-A/C adapter dongle and keep that on the same keychain with the MFA key, but that introduces a degree of fragility that I'd prefer to avoid if possible.
That being said, if I found a hardware MFA key with all of the features I listed except for USB-C, then I'd happily accept the dongle compromise, because most of my devices (even the old ones) support Bluetooth, so I'd still have that as a backup option in case the dongle fails.
#MFA #2FA #fido #fido2 #fido3 #NFC #USB #USBc #USBa #dongle #Biometric #Fingerprint #YubiCo #YubiKey #Bluetooth #CyberSecurity #InfoSec
-
My current hardware MFA key is no longer receiving security patches, so I'm in the market for a new one.
Here's a list of features I'd like my new hardware MFA key to have, in order of priority:
1. USB-A
2. NFC
3. USB-C
4. Biometric
5. Bluetooth
My current MFA key has features 1-3 and 5. Is there a Holy Grail MFA key somewhere out there with all 5 features?
I'm already pretty familiar with YubiCo's product lineup, and while I love their security rating and build quality, none of them have more than 2 of the features listed above, so that kinda bums me out.
Anyway, let's hear your hardware MFA key recommendations!
#MFA #2FA #fido #fido2 #fido3 #NFC #USB #USBc #USBa #Biometric #Fingerprint #YubiCo #YubiKey #Bluetooth #CyberSecurity #InfoSec
-
Linux tablet StarLite as a classroom device
StarLab sells an elegant Linux tablet with stylus support, which I would like to use for teaching. I share my first experiences and tips.
#Tablet #Fido #Luks #touch #Stift #Linux
https://gnulinux.ch/linux-tablet-starlite-als-unterrichtsgeraet
-
I'm looking for a good overview/comparison of different #MFA/#2FA or #PasswordLess authentication protocols.
The recent #Fido2 #MitM risk made me aware that I need to learn more.
Pointers and #BoostWelcome
#fedipower #wisdomOfTheCrowd #FollowerPower
As the best way to get an answer on the internet, is to state something wrong, let's try this 😜
#FIDO and FIDO2 are actually a whole set of (related?) protocols.
FIDO includes FIDO #UAF (Universal Authentication Framework) and FIDO #U2F (Universal Second Factor).
FIDO2 is the "successor" of FIDO and consists of two parts.
#WebAuthn and #CTAP (Client to Authenticator Protocol). From the name I would guess that WebAuthn is for web stuff (requiring browser support) and CTAP is for IT infrastructure stuff (???)
#Passkey is based on #Fido2
Other related concepts or protocols are #OTP (one-time passwords), #TOTP (Time-based One-time Password) and #HOTP (“H” in HOTP stands for Hash-based Message Authentication Code (HMAC))
Not sure how #SmartCards play into this.
And not sure which of these methods would work for an offline authentication login into your laptop (and ideally also as key for whole disk encryption)
-
For decades, users have authenticated on systems with usernames and passwords. This method of authentication has not changed since the beginning of the Internet. As the Internet became a more hostile place and threats emerged, ...
https://blog.tinned-software.net/secure-authentication-and-how-it-changed-over-time/
#security #securitykey #securitykeys #fido #fido2 #totp #passkey
-
https://proton.me/blog/universal-2nd-factor-u2f
Proton has a nice beginner's guide to Universal 2 Factor authentication, what it is, and why you should use it. In addition to the basics it covers some concepts such as FIDO, FIDO2 and how to use them.
-
updated #fido2 #fido #securitykey #comparison draft Version 0.8
#yubikey #nitrokey #gotrust #feitian #solokey #titan #google
#mfa #u2f
@Fr333k @matthegap @shellsharks @FritzAdalis
@heisec
If updates are needed, post a reply here
Credits to
-
That is a differentiation many people do not recognize until now. #fido #explain #passkey #securityKey
Thx for pointing that out clearly.
Nevertheless… 1 question. Is there a reason why many vendors set security keys ON TOP of Uname / password?
To me it has not so much value making it more complex?
Or do I miss something there?