HomeIdentity Security Encyclopedia › FIDO2 and WebAuthn

FIDO2 and WebAuthn

FIDO2

FIDO2 is an open authentication standard that enables passwordless, phishing-resistant authentication using public-key cryptography, implemented through platform authenticators like Touch ID or hardware keys like YubiKey.

IAM Passwordless Standard

❓ What is FIDO2 and WebAuthn?

FIDO2 is an open authentication standard that enables passwordless, phishing-resistant authentication using public-key cryptography, implemented through platform authenticators like Touch ID or hardware keys like YubiKey.

⚙️ How Does It Work?

During registration, a key pair is generated. The private key stays on the device; the public key is stored on the server. During login, the device signs a challenge with the private key — no password is ever transmitted.

📍 Where Is It Used?

Enterprise passwordless rollouts, consumer apps (Google, Apple, Microsoft), high-security environments requiring phishing resistance.

💡 Real-World Example

A financial services firm rolls out YubiKeys to all 2,000 employees. When logging into any system, the employee taps the YubiKey — no password required. Phishing attacks targeting credentials become instantly ineffective.

🔗 Related Terms

Passwordless MFA WebAuthn Authentication
← Microsoft Entra IDIdentity Federation →

Stay Ahead in Identity Security

Get weekly IAM, PAM & IGA insights delivered to your inbox via Identity Pulse.

Subscribe to Identity Pulse →
Scroll to top