The "FIDO2" standard: log in safely and without passwords
Two-step login, also called two-factor authentication (2FA), raises the level of security on the Internet: in addition to the password, the account is validated by a second factor, for example an app that generates a one-time security code. The drawback is that it makes logging in more cumbersome.
Fast Identity Online
Fast Identity Online, known as FIDO, solves this problem and can even make the password itself superfluous. The abbreviation FIDO refers to a set of IT security standards.
The newer FIDO2 standard allows secure login to Internet services without a password, which raises the question of how it works. A user who wants to log in via FIDO2 must first register a device with the service concerned, such as a smartphone, tablet or desktop computer.
During registration, a pair of cryptographic keys is created: a public key and a private key. The service receives the public key, while the private (secret) key stays on the device, which thereby becomes the authentication factor.
When the user wants to log in, the device creates an electronic signature with the secret key, and the service verifies the authenticity of that signature with the public key.
Professor Markus Dormot of the Institute for IT Security at Leibniz University Hannover explained that this works like a traditional handwritten signature on paper, adding that "the authenticity of the signature is verified by comparing the method of writing the signature to the preserved sample."
The method is secure because the FIDO2 standard adds a further layer of protection: the electronic signature contains a time stamp, so even if attackers managed to capture the signature, they could not reuse it later.
In addition, the private (secret) key is kept safely on the authentication device. Jan Mann of the German specialist magazine c't explained that the private key is stored in the device's Trusted Platform Module, known as "TPM", a hardened chip designed with no interface through which the secret key could be extracted.
The private key is generated once on the device and stored there; at login, only the electronic signature leaves the device, never the private key itself.
It should be noted that a Trusted Platform Module with its cryptographic chip is found in most new smartphones, computers and laptops, and Microsoft has announced that a TPM is now one of the requirements for installing Windows 11.
On an older computer or smartphone without a TPM, the private key can instead be stored on a USB security key plugged into the computer's USB port.
Token
USB flash devices with a cryptographic chip are known as "tokens". They are useful not only for replacing the password under the FIDO2 standard, but can also serve as a second authentication factor for a service, since the 2FA function is part of the FIDO standard.
This raises the question of what to do when the smartphone on which the private key is stored is lost. Markus Dormot explained that "the official recommendation, when using FIDO 2, states that the private key should be registered on two devices".
The second device can be another smartphone or a desktop computer, and a USB token kept in a secure place can also serve as a backup for the private key.
Cloud Sync
Cloud synchronization of the private key is a relatively new answer to the problem of losing the device on which the private key is stored. Such solutions are easy to use: the private key is stored on Internet servers and can be synced to many of the user's online devices, which is how Apple's own FIDO2 implementation works.
At the beginning of May 2022, Apple, Google and Microsoft announced that they would work together to add new functions to FIDO2 by 2023: the user will automatically have access to their login data across various devices, including new devices, without having to log back into each account.
In addition, it will be possible to use a mobile device as an authenticator to log into apps or websites on other devices nearby, regardless of the operating system or browser.
The German Federal Office for Information Security (BSI) is a member of the FIDO Alliance and has rated the "FIDO2" standard positively in a number of respects, but the additional degree of security is only achieved if the authentication device itself is adequately secured.
To achieve higher levels of security, it is also necessary to check how FIDO2 is implemented on each website, since the security actually obtained depends on how the company implements FIDO2 in its service.