Biometric Update

Microsoft expands passkey support, phases out weaker authentication methods

The company cites vulnerability to guessing and social engineering as the reason behind the decision, but a part of the decision is also AI risk.
Redmond Magazine

Microsoft Tweaks Authenticator with Added Passkey Support, FIPS Compliance

Microsoft is updating its Authenticator app to be even more "phishing-resistant," Microsoft announced Tuesday. Organizations use Authenticator to implement multifactor authentication (MFA) on iOS and ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
Ars Technica

Phishers have found a way to downgrade—not bypass—FIDO MFA

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being ...