FIDO2
FIDO2 is an open authentication standard that enables passwordless, phishing-resistant authentication using public-key cryptography, implemented through platform authenticators like Touch ID or hardware keys like YubiKey.
⚙️ How Does It Work?
During registration, a key pair is generated. The private key stays on the device; the public key is stored on the server. During login, the device signs a challenge with the private key — no password is ever transmitted.
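The registration and login exchange described above, as an added sketch that is not code from the original page. It uses Node's built-in `crypto` module, and the names `createAuthenticator`, `createServer`, `login` and the `example.test` values are hypothetical. The signed bytes are a simplified stand-in for WebAuthn's real message encoding, and the origin check goes beyond the paragraph to show where the phishing resistance comes from.

```javascript
// Added example: simplified FIDO2-style flow; not the real WebAuthn/CTAP encoding.
const nodeCrypto = require('crypto');
const sha256 = (data) => nodeCrypto.createHash('sha256').update(data).digest();

// Authenticator: creates the key pair at registration; the private key stays in this closure.
function createAuthenticator() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return {
    publicKey, // the only key material the server ever receives
    // Signs hash(rpId) || hash(clientData), a stand-in for authenticatorData || clientDataHash.
    sign(rpId, clientData) {
      return nodeCrypto.sign('sha256', Buffer.concat([sha256(rpId), sha256(clientData)]), privateKey);
    },
  };
}

// Server (relying party): stores the public key and issues a fresh challenge per login.
function createServer(rpId, origin) {
  const pending = new Set(); // challenges issued but not yet used
  let storedKey = null;
  return {
    register(publicKey) { storedKey = publicKey; },
    newChallenge() {
      const challenge = nodeCrypto.randomBytes(32).toString('hex');
      pending.add(challenge);
      return challenge;
    },
    verify(clientData, signature) {
      const { challenge, origin: seenOrigin } = JSON.parse(clientData);
      if (!pending.delete(challenge)) return 'unknown-or-replayed-challenge';
      if (seenOrigin !== origin) return 'origin-mismatch';
      const signed = Buffer.concat([sha256(rpId), sha256(clientData)]);
      return nodeCrypto.verify('sha256', signed, storedKey, signature) ? 'ok' : 'bad-signature';
    },
  };
}

// One login: the browser writes the origin it is actually on into the client data.
function login(server, authenticator, rpId, browserOrigin) {
  const clientData = JSON.stringify({ challenge: server.newChallenge(), origin: browserOrigin });
  const signature = authenticator.sign(rpId, clientData);
  return { clientData, signature, result: server.verify(clientData, signature) };
}

// Constructed demo values (assumptions, not from the page).
const demoServer = createServer('login.example.test', 'https://login.example.test');
const demoKey = createAuthenticator();
demoServer.register(demoKey.publicKey);
console.log(login(demoServer, demoKey, 'login.example.test', 'https://login.example.test').result);
```

The server rejects a response whose challenge was already consumed, whose recorded origin differs from its own, or whose signature does not verify against the registered public key.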
📍 Where Is It Used?
Enterprise passwordless rollouts, consumer apps (Google, Apple, Microsoft), high-security environments requiring phishing resistance.
💡 Real-World Example
A financial services firm rolls out YubiKeys to all 2,000 employees. When logging into any system, the employee taps the YubiKey — no password required. Phishing attacks targeting credentials become instantly ineffective.