FIDO Keys: The Future of Passwords

FIDO keys can save you a lot of time and frustration, as well as secure your business.

Have you ever had a nightmare where you’re trying to log in to your bank account, but you can’t remember your password? You try every combination of letters, numbers, and symbols you can think of, but nothing works. Meanwhile, your bank balance is plummeting, and you’re starting to feel trapped in a financial horror movie. Neither have I, but we’ve seen more than our fair share of essential account lockouts due to poor security hygiene.

Let’s face it: your users will not abide by good password policies. They will accidentally hit “Accept” on an MFA prompt they didn’t initiate. It will happen, and the answer isn’t just more training. The answer is to implement better security controls so poor passwords and broken MFA don’t put you out of business.

The answer is FIDO keys.

What are FIDO Keys?

A FIDO key is a small physical device used for multi-factor authentication (MFA) and passwordless authentication. FIDO stands for Fast Identity Online, an open standard for secure authentication developed by a consortium of companies that includes Microsoft, Google, and Intel.

The FIDO standard makes online authentication more secure and easier to use by providing an alternative to traditional password-based authentication. FIDO keys use something called “public key cryptography” to verify your identity. Your key contains a private key only you can access and a public key used to verify your identity with online services. So instead of relying on a password that can be hacked or stolen, you plug in your FIDO key, and voila! You’re in.

FIDO keys come in various forms, including USB sticks, Bluetooth devices, and even smart cards. To use a FIDO key, you plug it into your computer or pair it with your mobile device and use it to authenticate yourself with online services that support FIDO authentication. FIDO keys are widely regarded as one of the most secure forms of authentication available today. They are becoming increasingly popular with individuals and businesses looking for a more secure and convenient way to authenticate themselves online.

Why Should You Use FIDO Keys?

FIDO keys offer several benefits over traditional password-based authentication and other forms of multi-factor authentication. Here are some reasons why you might want to consider using FIDO keys for your online accounts:

Improved security

FIDO keys use public-key cryptography to authenticate users, which is much more secure than traditional password-based authentication. With public-key cryptography, your private key is on the physical FIDO key, which means it never leaves the device. This makes it much more difficult for hackers to access your account, even if they manage to steal your username and password.

Convenience

FIDO keys are straightforward to use. Instead of typing in a code or waiting for an SMS message, plug in your key and return to work. This makes the login process faster and more seamless, especially for people who use multiple devices.

Wide FIDO adoption

Many popular websites and services, including Google, Microsoft, Dropbox, and Facebook, support FIDO keys. This means that you can use your key to authenticate yourself with a wide range of online accounts, making it a more versatile option than other forms of two-factor authentication.

Prevention of data breaches

With FIDO keys, even if a hacker gains access to your username and password, they still won’t be able to access your account without physical access to your FIDO key. This can prevent data breaches resulting from password theft, a common tactic cyber-criminals use.

In comparison to other forms of two-factor authentication, FIDO keys are often considered the most secure option. While SMS codes and authenticator apps are better than just relying on a password, they can still be vulnerable to phishing attacks or malware that intercepts authentication codes. Check out our previous article on MFA for more about the weaknesses of traditional MFA. FIDO keys, on the other hand, are much more resistant to these types of attacks.
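The resistance to phishing and stolen passwords described above comes from the key signing a fresh server challenge together with the site's origin. The following is an added example, not code from the original article: a simplified Node.js model (not the real WebAuthn wire format) in which `SecurityKey`, `verifyLogin`, `demo` and the `bank.example` origins are illustrative assumptions.

```javascript
// Simplified model of a FIDO login (not the real WebAuthn wire format).
const nodeCrypto = require("node:crypto");
const sha256 = (data) => nodeCrypto.createHash("sha256").update(data).digest();
// Stand-in for the hardware key: private keys never leave this object.
class SecurityKey {
  #privateKeys = new Map(); // one key pair per site (rpId)
  register(rpId) {
    const { publicKey, privateKey } =
      nodeCrypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
    this.#privateKeys.set(rpId, privateKey);
    return publicKey; // only the public half goes to the site
  }
  // `origin` is reported by the browser, so a look-alike page cannot forge it.
  sign(origin, challenge) {
    const rpId = new URL(origin).hostname;
    const privateKey = this.#privateKeys.get(rpId);
    if (!privateKey) return null; // no credential registered for this site
    const clientData = JSON.stringify({ origin, challenge });
    const signed = Buffer.concat([sha256(rpId), sha256(clientData)]);
    return { clientData, signature: nodeCrypto.sign("sha256", signed, privateKey) };
  }
}

// Server-side check: origin, challenge freshness, then the signature itself.
function verifyLogin(expectedOrigin, issuedChallenge, publicKey, assertion) {
  if (!assertion) return "no-assertion";
  const { origin, challenge } = JSON.parse(assertion.clientData);
  if (origin !== expectedOrigin) return "wrong-origin";
  if (challenge !== issuedChallenge) return "stale-challenge";
  const rpId = new URL(expectedOrigin).hostname;
  const signed = Buffer.concat([sha256(rpId), sha256(assertion.clientData)]);
  const valid = nodeCrypto.verify("sha256", signed, publicKey, assertion.signature);
  return valid ? "ok" : "bad-signature";
}

function demo() { // every value below is constructed sample data
  const site = "https://bank.example";
  const newChallenge = () => nodeCrypto.randomBytes(32).toString("base64url");
  const key = new SecurityKey(), otherKey = new SecurityKey();
  const publicKey = key.register("bank.example");
  otherKey.register("bank.example"); // someone else's key, never enrolled by the user
  const c = newChallenge();
  return {
    genuine: verifyLogin(site, c, publicKey, key.sign(site, c)),
    lookalike: verifyLogin(site, c, publicKey, key.sign("https://bank-login.example", c)),
    replay: verifyLogin(site, newChallenge(), publicKey, key.sign(site, c)),
    otherKey: verifyLogin(site, c, publicKey, otherKey.sign(site, c)),
  };
}
console.log(demo());
```

Only the genuine login is accepted; the look-alike site gets no signature at all because the key holds no credential for that hostname.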

How do They Work?

Setting up and using a FIDO key is a straightforward process. Here at Hermetic, we specialize in getting your staff fully set up and ready to go. There are only a few steps if you’re setting it up for yourself.

Choose the right FIDO key model.

FIDO keys are widely available online, and you can purchase them from various retailers. Be sure to choose a key compatible with your devices and the online services you use. If your staff are heavily mobile, get a model with NFC for better device compatibility. You can even get a model with a fingerprint reader for added security.

Register your FIDO key

Once you have your FIDO key, you’ll need to register it with the online services you want to use it with. This typically involves navigating to the security settings of the service and following the instructions for registering a new security key. You’ll need to insert your FIDO key and follow the on-screen instructions during this process.

Use it to log in

Once you’ve registered your key with your online services, you can start using it to log in. The exact process for using your FIDO key will depend on the service you’re using, but in general, you’ll need to plug in your FIDO key or use a compatible mobile device to authenticate yourself.

Keep your FIDO key secure

Just like with any other security device, it’s important to keep your FIDO key secure. Make sure to store it in a safe place when you’re not using it and never share it with anyone else. If you lose your key or it’s stolen, be sure to report it immediately to the appropriate online services so they can revoke its access to your accounts.

While the process of setting up and using a FIDO key may seem daunting at first, it’s actually quite simple and can be completed in just a few minutes. Once you’ve set up your key, using it to log in is a breeze, and it offers an added layer of security that can help protect your online accounts from unauthorized access. If you’re looking for a simple and secure way to authenticate yourself online, using a FIDO key is definitely worth considering.

Wrapping Up

FIDO keys offer a simple and secure way to authenticate yourself online. By using public-key cryptography and storing your private key on the FIDO key, they provide a higher level of security than traditional password-based authentication and other forms of two-factor authentication. Additionally, they are easy to use, widely supported, and can help prevent data breaches that result from password theft. If you’re concerned about online security and want to take steps to protect yourself, using a FIDO key is a great place to start.

If you want to learn more about protecting your online accounts or using FIDO at your organization, get in touch with us today.

Jeff Hughes