Stack Overflow
Stack Overflow

Questions tagged [fido]

FIDO (Fast IDentity Online) is an organization which aims to substitute old password authentication with modern password-less solutions. It tries to achieve that by introducing three main protocols : UAF, U2F, FIDO2. Use this tag for questions referring to the FIDO protocols (UAF, U2F, FIDO2).

144 questions
1
vote
1 answer

How do I use from security token for FIDO?

I have a USB security token, that is used for generate key-pair and save secure data in it's memory. Communication with this token is by c++ library. Like readMemory() and writeMemory() also genKeyPair(). I want to use this token in FIDO solution.…
VOLVO
  • 541
  • 5
  • 16
1
vote
3 answers

FIDO - How does the FIDO server verify the integrity of inbound public key during registration phase/ceremony?

Trying to wrap my head around the FIDO protocol suit. Premise Authenticator has a master private key(also called attestation key) During the registration ceremony, authenticator signs the challenge and a couple of other parameters along with the…
riceplatereddy
  • 111
  • 1
  • 1
  • 5
1
vote
1 answer

How to be FIDO Compliant with existing registration / login functionality

I have existing website with Registration & Login functionality. I want to make this process FIDO Compliant with implementation of UAF / U2F and later FIDO2. Unfortunately couldn't find step by step series of tutorials.I want to implement this using…
Khalid Bin Noor
  • 11
  • 1
1
vote
1 answer

Are there browsers supporting FIDO UAF

I'm looking into FIDO UAF (passwordless login) and wondering if there are any browsers supporting it. So far I have only found it used in native mobile apps.
Maarten
  • 4,643
  • 7
  • 37
  • 51
1
vote
2 answers

FIDO UAF Android Register Operation

I'm trying to test the FIDO (https://fidoalliance.org) capabilities of my Galaxy S6 device using an Android PoC application. So far, I have managed to retrieve the available FIDO authenticators using the DISCOVER Intent and it successfully returned…
marius bardan
  • 4,962
  • 4
  • 29
  • 32
0
votes
1 answer

Why is Linux OS having an issue with registration and authentication on webauthn.io using yubikey 5 over NFC whereas it supports usb based only?

Webauthn.io in Linux OS asks for usb based registration and authentication.It does not support yubikey over NFC due to some issue. I tried using my yubikey over omnikey reader for testing on Webauthn.io from chrome browser on Linux OS but it only…
AGh
  • 1
  • 2
0
votes
0 answers

How to Store the Yubikey Credentials in a JSON File and Retrieve Them to Use for Authentication in future

I have a Python flask app which is using a Yubikey as a 2FA next to username and password. While registering a new user I am registering the yubikey linked to that user and storing the credentials in a JSON file. I need to store the Yubikey…
Krithick
  • 1
  • 1
0
votes
1 answer

Unable to register for authentication using Passkey on Android

I'm trying to follow the official documentation to implement Passkey registration. There is also a codelab demonstrating the topic (note that it works as intended on my Android device.) I created this minimal test-case available on github, which…
Ariel Malka
  • 15,697
  • 6
  • 31
  • 33
0
votes
1 answer

Using a passkey for unattended execution

I'm pretty sure this isn't possible, but I'm going to ask the hive mind. Looking to implement a standards based secure virtual machine credential to use from web based applications that can be automated. I know, a lot to ask One possibility is…
mrmoosehead
  • 145
  • 1
  • 8
0
votes
1 answer

android fido - SECURITY_ERR The incoming request cannot be validated

I'm building a demo android app (technically flutter but this code is in the native java code). The purpose of app is to demonstrate logging into an app using fido. My problem is during the fido registration process. It is returning the…
Brett Sutton
  • 3,900
  • 2
  • 28
  • 53
0
votes
1 answer

Is there a method to use FIDO2/webauthn with ssh

As the title says. We use ssh to connect to many sites and would like to move to use FIDO2/webauthn for authentication. Is this possible? What tools do we need? We are using ubuntu as the client and server.
Brett Sutton
  • 3,900
  • 2
  • 28
  • 53
0
votes
2 answers

Why does GitHub issue GetAssertion requests when trying to register a new security key

I'm working on a fido2 authenticator library and found some odd behavior regarding the security key registration process on Github: I've previously registered two keys and now I want to add another one. After the getInfo API call, Github seams to…
r4gus
  • 115
  • 1
  • 11
0
votes
0 answers

Authenticate to apple.com from Android using Security key

Android FIDO2 SDK requires uploading "assetlinks.json" to relying party server to authenticate using the external security keys. To authenticate to apple.com from an Android app using a security key need to upload "assetlinks.json" to the Apple…
Forhad Naim
  • 11
  • 6
0
votes
1 answer

Shared device with WebAuthN and platform authenticator

We have a scenario where some of our B2B customers use shared ipads at their sites/locations i.e. a single ipad is shared between multiple users. Can we still authenticate using WebAuthN with platform authenticator for this scenario? I'm trying to…
Ryan.Bartsch
  • 3,698
  • 1
  • 26
  • 52
0
votes
0 answers

fido_dev_make_cred returns success but attstmt and authdata are null

Trying to perform registration using my YubiKey 5C Nano device. I have a YubiKey 5C Nano device with PIN set. Product details - YubiKey OTP+FIDO+CCID. I tried to use fido_dev_make_cred(device, cred, pin), this returns a FIDO_ERR_SUCCESS but the…
hyoyin_Kyuoma
  • 643
  • 1
  • 6
  • 16
1 2 3
9 10