Look Up Another Term

Redirected from: FIDO2

Definition: FIDO

(1) For email, see FidoNet.

(2) (Fast IDentity Online) A technology from the FIDO Alliance that authenticates a user logging into an online service without having to enter username and password. Founded in 2013, the Alliance introduced biometric and two-factor authentication a year later.

In May 2022, Apple, Google and Microsoft announced support of FIDO. A "passwordless" future with guaranteed security for every user would be greeted with great enthusiasm.

UAF (Universal Authentication Framework) is the biometric protocol, and U2F (Universal Second Factor) supports PINs and USB keys. See two-factor authentication and USB key.

FIDO2 uses WebAuthn (Web Authentication specification) and FIDO's CTAP (client-to-authentication protocol) to enable smartphones to work as authenticators. See WebAuthn.

FIDO Client/Server Interaction
When a user opens an account, the FIDO client registers with the provider's server. At login, the server sends the FIDO client a challenge, which is a value that will be returned encrypted with a digital signature. See public key cryptography and digital signature.

A FIDO-Certified USB Key
This YubiKey FIPS is certified for FIDO second-factor authentication, and it meets federal standards (see FIPS 140-2). (Image courtesy of Yubico, www.yubico.com)