Biometric Update

Microsoft expands passkey support, phases out weaker authentication methods

The company cites vulnerability to guessing and social engineering as the reason behind the decision, but a part of the decision is also AI risk.
Redmond Magazine

Microsoft Tweaks Authenticator with Added Passkey Support, FIPS Compliance

Microsoft is updating its Authenticator app to be even more "phishing-resistant," Microsoft announced Tuesday. Organizations use Authenticator to implement multifactor authentication (MFA) on iOS and ...
Business Insider

FIDO Alliance and W3C Achieve Major Standards Milestone in Global Effort Towards Simpler, Stronger Authentication on the WebWith support from Google Chrome, Microsoft Edge and ...

MOUNTAIN VIEW, Calif., April 10, 2018 (GLOBE NEWSWIRE) -- The FIDO Alliance and the World Wide Web Consortium (W3C) have achieved a major standards milestone in the global effort to bring simpler yet ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
Ars Technica

Phishers have found a way to downgrade—not bypass—FIDO MFA

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being ...