Brakeing Down Security Podcast
Brakeing Down Security Podcast
Bryan Brake, Amanda Berlin, Brian Boettcher
2020-020-Andrew Shikiar - FIDO Alliance - making Cybersecurity more secure
42 minutes Posted May 27, 2020 at 9:19 am.
0:00
42:18
Download MP3
Show notes

 Andrew Shikiar, executive director and CMO of the (Fast IDentity Online) FIDO Alliance.

 

What is FIDO?

“ open industry association launched in February 2013 whose mission is to develop and promote authentication standards that help reduce the world’s over-reliance on passwords. FIDO addresses the lack of interoperability among strong authentication devices and reduces the problems users face creating and remembering multiple usernames and passwords.”

 

Did any one event precipitate creation of the FIDO alliance?

UAF= https://fidoalliance.org/specs/fido-uaf-v1.2-rd-20171128/fido-uaf-protocol-v1.2-rd-20171128.html

 

U2F = https://en.wikipedia.org/wiki/Universal_2nd_Factor (yubikeys, tokens)

 

https://landing.google.com/advancedprotection/

 

FIDO supports biometrics - https://www.biometricupdate.com/202002/how-fido-based-biometric-technology-clears-up-the-iot-authentication-mess

 

FIDO certified software and companies: https://fidoalliance.org/fido-certified-showcase/

 

IBM: https://www.ibm.com/blogs/sweeden/fido2-conformance-why-its-a-big-deal/  -- 

 

Digital Identity Guidelines: Authentication and Lifecycle Management - digital ID framework

 

NIST guidelines that FIDO meets: https://pages.nist.gov/800-63-3/sp800-63b.html#sec5

 

https://fidoalliance.org/certification/authenticator-certification-levels/

 

https://github.com/herrjemand/awesome-webauthn

 

https://fidoalliance.org/content/case-study/

 

https://loginwithfido.com/provider/

From a threat modeling perspective, how does ‘2fa’ occur when the authenticating method and the browser are on the same device?

 

Consumer education initiative https://loginwithfido.com/

 

IoT Devices- https://fidoalliance.org/internet-of-things/

https://blog.techdesign.com/fido-authentication-to-secure-iot-devices/

 

For Developers: https://fidoalliance.org/developers/   or https://webauthn.io/ - dev information about WebAuthN

https://github.com/herrjemand/awesome-webauthn

https://fidoalliance.org/events/ - upcoming webinars for FIDO related topics

 

NTT DOCOMO introduces passwordless authentication for d ACCOUNT

 

https://groups.google.com/a/fidoalliance.org/forum/#!forum/fido-dev

 

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

#Brakesec Store!:https://www.teepublic.com/user/bdspodcast

#Spotify: https://brakesec.com/spotifyBDS #Pandora: https://pandora.app.link/p9AvwdTpT3

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel:  http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site:  https://brakesec.com/bdswebsite

#iHeartRadio App:  https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec