The industry moved one step closer to passwordless login with this week’s Microsoft announcement that starting with Microsoft Edge build 17723, the browser will support FIDO2 strong first-factor and multifactor passwordless login, and second-factor authentication.
Now, with Chrome, Firefox, and Edge all engaged to support WebAuthn, we have two-thirds of all major web browsers backing this next-generation protocol. In March this year, W3C Web Authentication Working Group announced that WebAuthn reached Candidate Recommendation (CR) status, meaning with high interoperability, any browser could add support.
This is exciting news for developers, application creators, and those who want to secure their services with WebAuthn and FIDO2 to enable a passwordless login experience.
As a leading contributor and driver of the FIDO2 and WebAuthn open authentication standards, Yubico is committed to helping the larger developer community navigate implementation. Earlier this year we launched a new Developer Program to help developers rapidly integrate with these new standards. Over 1000 companies have registered to date with the program to find resources to help them become successful in integrating FIDO2. Most recently Yubico hosted an expert FIDO2/WebAuthn webinar series focused specifically on FIDO2 and WebAuthn education and deployment:
- FIDO2 Authentication Demystified
- FIDO2 WebAuthn Data Flows, Attestation, and Passwordless Technical Overview
- FIDO2 WebAuthn Server Validation Technical Overview
With new WebAuthn browser support available in Edge, Chrome, and Firefox, a FIDO2 compatible hardware-based authenticator — such as the Security Key by Yubico — can replace a username and password as a much stronger form of single-factor authentication. WebAuthn still allows for the second-factor authentication and also support the use of PIN or biometrics with both external and platform authenticators for a multi-factor passwordless login experience.
The FIDO2 momentum is strong and we encourage developers and security architects interested in the new standard to sign up for our Yubico Developer Program mailing list to stay up-to-date on workshops, webinars, implementation guides, reference code, APIs and SDKs. New content is being added on an ongoing basis with the next FIDO2 resources becoming available later this month.
For those that are still unfamiliar with FIDO2 and WebAuthn, visit our latest blog that answers some of the most common questions we’ve received about the standard so far.
(Browser market share percentage via statcounter)