FIDO authentication (Passkeys)

FIDO (Fast Identity Online) is a framework of open technical specifications for single or multifactor authentication.

In case FIDO is not mixed with other password- or username-based authentication factors, it can effectively mitigate common attacks against passwords, like:

credential stuffing
password reuse
phishing
man-in-the-middle (MITM) attacks

Main features

User authentication with FIDO authenticators and passkeys (USB devices, platform authenticators like Windows Hello, iOS and Android pendents, NFC-based authenticators, etc.)
Usernameless and passwordless authentication.
Token migration self-service to FIDO.
Token registration self-service for authenticated users.
Token management self-service for authenticated users.
Integrated token management for admins and help desks.
Transaction approval.

Typical applications

User authentication via browser or mobile app as the first or second factor.

Chapter content

Terms and definitions relating to FIDO

Introduction to FIDO and passkeys

Simple FIDO authentication example

FIDO in Airlock IAM

FIDO configuration overview

Further information and links

Internal links

Transaction Approval with FIDO2