Why choose KEY-ID FIDO security keys?
The need to neutralise password risk
The vast majority of data breaches from hacking are the result of compromised passwords. Passwords are not secure and cannot be relied upon. Multi-factor authentication is now a necessity.
Major online service providers have suffered news headline-making data breaches – exposing many millions of user passwords. Re-use of the same or similar passwords across multiple services has substantially multiplied exposure to malicious access, hijacking and account takeover.
Increasingly sophisticated and believable phishing attacks trick people into revealing their sign-in details, and malware programs on phones, tablets and laptops are commonly used to steal passwords.
Even password management services, designed to help people with a multitude of unique account sign in passwords, have been the victim of hackers.
Criminals employ social engineering techniques to deduce the passwords used by targeted victims.
The FIDO solution
Attempts to strengthen sign in security with SMS transmitted codes and locally generated OTP codes have been shown to have vulnerabilities (text messages can be intercepted on the phone network and OTP codes relayed during ‘time-of-use’ phishing attacks). The FIDO (Fast Identity Online) Alliance, who’s members include Google, Microsoft, Mozilla, MasterCard, Visa and PayPal, have been working to define a secure and universally supported standard.
FIDO standards are highly secure – utilising (asymmetric) public and private key-pairs, with the private key never being shared and able to be thoroughly protected within dedicated security hardware.
FIDO defeats phishing and man-in-the-middle attacks – because FIDO’s authentication protocol enforces the verification of message origin, so bogus websites will not be recognised.
FIDO is scalable – designed for secure authentication to many accounts with the aid of a single authenticator. For each account, unique and anonymous authentication codes are generated from the authenticator.
Passwordless login – the FIDO2 standard adds support for streamlining the secure login process by removing day-to-day reliance on passwords altogether, reducing password risk and the burden of password administration on IT support teams. (Some authentication keys can also be used as Windows Hello compatible devices – allowing users to set-up Windows Hello passwordless login on their specific Windows 10 machine).
KEY-ID’s FIDO security key products
|FIDO2 key with
|FIDO U2F key|
|Native passwordless Windows Hello login with Windows 10|
|Roaming passwordless FIDO2 login on Windows 10 / Azure AD||PIN|
|Sign in to all FIDO2 enabled cloud services||PIN|
|Sign in to all legacy U2F enabled cloud services|
|Strong 2-factor public key authentication|
|Phishing & man-in-the-middle attack resistant|
|Multiple accounts / services supported on one key|
|User self-registration for easy issuance|