Recently I heard about FIDO2, a passwordless web authentication method. As a UX Designer, I am curious to understand more about Passwordless ( FIDO2) in the following areas:
- What is FIDO2?
- User review. What do different tech level (i.e. non-tech, semi-tech and tech) think about FIDO2? (coming soon…)
- What are the challenges designing and adopting for FIDO2? (coming soon…)
- According to FIDO alliance each users have more than 90 online accounts.
- ⅓ of online purchases are abandoned due to forgotten passwords
- What if we don’t need password to access our accounts? Time to think beyond passwords.
FIDO2 authenticators = Passwordless way to access the account on website browsers
FIDO2 is a passwordless web authentication method which aims to provide a simpler and stronger authentication option for the users. Users can access their accounts with browsers using biometrics, security key (U2F) and more.
“Protects against phishing, man-in-the-middle and attacks using stolen credentials.”
How it works?
- Set up FIDO2 ( If the user didn’t set it up previously)
- Once users set up an account, they can then sign in with the user ID
- The browser will ask the user to show their FIDO2 authenticator to get access to their account
- Signed in seamlessly. Magic!
Why is FIDO2 more secure?
- According to fido alliance “FIDO2 cryptographic login credentials are unique across every website, never leave the user’s device and are never stored on a server. This security model eliminates the risks of phishing, all forms of password theft and replay attacks.”
- Users are forgetful — FIDO2 authenticators can reduce reliance on user setting weak passwords and remembering passwords.