Portal de Periódicos da CAPES

FIDO2: A comprehensive study on passwordless authentication

2024; Volume: 14; Issue: 7 Linguagem: Inglês

10.9790/9622-14075863

2248-9622

Aditya Mitra, Anisha Ghosh,

User Authentication and Security Systems

The twenty first century is marked as the digital era. It involves the use of computers and other devices like smartphones in every aspect of life. It is becoming increasingly important to understand the usages of such devices and to protect ourselves from malicious actors on digital platforms. The concept of authentication is not new, it started with Fernando Corbató in the 1960s when he developed the system of passwords for the MIT Compatible Time-Sharing System (CTSS) [1]. However, we have come a long way from using passwords and personal identification numbers (PINs) since they have fallen weak in the face of modern adversaries and attacks like phishing. This paper presents and discusses the FIDO2 standard for passwordless authentication for the protection of digital resources and assets. FIDO2 standard uses cryptographic challenge-response system combined with trusted computing to make the process of authentication truly Phishing resistant [2]. This paper presents a comprehensive view of FIDO2 specification standards and implementation