Why you should replace your Passwords with Passkeys (and how they work)

Passkeys are a modern authentication method designed to replace traditional passwords. Passkeys use cryptographic key pairs — a public and a private key — to provide a more secure way to log in to websites and applications. The private key is securely stored on the user’s device, typically within a hardware security module (HSM), trusted platform module (TPM), or a secure enclave, while the corresponding public key is stored on the service’s server. By eliminating the need for passwords, passkeys help reduce the risk of phishing attacks, credential theft, and exposure of user credentials through password dumps. Passkeys often rely on the FIDO2 authentication standards, which provide a secure, passwordless login experience. ...

February 16, 2025 · 2 min · Graeme Milroy

FIDO2 authentication

What Is FIDO2 Authentication? FIDO2 authentication is a passwordless login method that uses public-key cryptography to securely verify a user’s identity. Developed by the FIDO Alliance and W3C, it offers a safer, more convenient alternative to traditional passwords. The term FIDO in FIDO2 stands for Fast Identity Online. The “2” indicates the second generation of the standard.

Types of FIDO2 Authentication: Hardware-Based Authentication: Uses dedicated physical devices to verify identity. Security Keys: External devices that connect via USB, NFC, or Bluetooth. Examples are the YubiKey and the Google Titan security key. ...

2 min

What is a TOTP (Time-based One-Time Password)?

A TOTP (Time-based One-Time Password) is a temporary passcode generated by an algorithm for authenticating access to computer systems. It is a form of 2FA (two-factor authentication) that enhances security by requiring not only a password but also a time-sensitive code. The code, typically generated on a mobile device, expires after a short window, reducing the risk of interception and reuse. From a risk management perspective, requiring TOTP for system access reduces the likelihood of credential-based attacks, such as phishing or brute force attempts. TOTPs are widely used to secure remote access and privileged accounts, and are becoming commonplace for everyday authentication. ...

1 min