Presented at the 4th XoveTIC Conference, A Coruña, Spain, 7–8 October 2021.[Abstract] During the last few years, some of the most relevant IT companies have started to develop new authentication solutions which are not vulnerable to attacks like phishing. WebAuthn and FIDO authentication standards were designed to replace or complement the de facto and ubiquitous authentication method: username and password. This paper performs an analysis of the current implementations of these standards while testing and comparing these solutions in a high-level analysis, drawing the context of the adoption of these new standards and their integration with the existing systems, from web applications and services to different use cases on desktop and serve...
Two-factor authentication (2FA) mitigates the security risks of passwords as sole authentication fac...
Access to computer systems and the information held on them, be it commercially or personally sensit...
Thesis (Ph.D.)--University of Washington, 2019Humans have used passwords for access control since an...
We carry out the first provable security analysis of the new FIDO2 protocols, the promising FIDO All...
W3C and FIDO Alliance have introduced a new specification. WebAuthn (Web Authentication) standardize...
[Abstract] During the last few years, the FIDO Alliance and the W3C have been working on a new stan...
The FIDO2 standards for strong authentication on the Internet define an extension interface, which a...
Password-based authentication is widely used online, despite its numerous shortcomings, enabling att...
FIDO's U2F is a web-authentication mechanism designed to mitigate real-time phishing-an attack that ...
We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. ...
© 2020 IEEE. Fast Identity Online (FIDO) Alliance and W3C have defined a set of specifications (call...
The most common mechanism for online authenti- cation is the username-password. Majority of e- comme...
Abstract: Even after 40 years of IT innovations, passwords are still the most widely used authentica...
Abstract—We evaluate two decades of proposals to replace text passwords for general-purpose user aut...
Modern smartphones support FIDO2 passwordless authentication using either external security keys or...
Two-factor authentication (2FA) mitigates the security risks of passwords as sole authentication fac...
Access to computer systems and the information held on them, be it commercially or personally sensit...
Thesis (Ph.D.)--University of Washington, 2019Humans have used passwords for access control since an...
We carry out the first provable security analysis of the new FIDO2 protocols, the promising FIDO All...
W3C and FIDO Alliance have introduced a new specification. WebAuthn (Web Authentication) standardize...
[Abstract] During the last few years, the FIDO Alliance and the W3C have been working on a new stan...
The FIDO2 standards for strong authentication on the Internet define an extension interface, which a...
Password-based authentication is widely used online, despite its numerous shortcomings, enabling att...
FIDO's U2F is a web-authentication mechanism designed to mitigate real-time phishing-an attack that ...
We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. ...
© 2020 IEEE. Fast Identity Online (FIDO) Alliance and W3C have defined a set of specifications (call...
The most common mechanism for online authenti- cation is the username-password. Majority of e- comme...
Abstract: Even after 40 years of IT innovations, passwords are still the most widely used authentica...
Abstract—We evaluate two decades of proposals to replace text passwords for general-purpose user aut...
Modern smartphones support FIDO2 passwordless authentication using either external security keys or...
Two-factor authentication (2FA) mitigates the security risks of passwords as sole authentication fac...
Access to computer systems and the information held on them, be it commercially or personally sensit...
Thesis (Ph.D.)--University of Washington, 2019Humans have used passwords for access control since an...