Embed Notice
HTML Code
Corresponding Notice
- Embed this notice
arcanicanis (arcanicanis@were.social)'s status on Saturday, 14-Jan-2023 11:53:57 JST arcanicanis
and further on the communication and advocacy of FIDO2 is the absurdity where Microsoft tries to garner attention upon themselves for being a "pioneer" of the effort to "kill the password!". Where they keep using the term "passwordless authentication" which understandably should raise ire from any sysadmin, whereas apparently folks from Microsoft think they're playing some bigbrain 4D chess by using such wording, to get people to look into FIDO2, in clickbait-style tactics, when instead I believe it's scaring people away.
U2F/FIDO2 is a fairly interestingly minimalist and robust concept, versus the mess of PKCS standards with smartcard authentication and management, it's just that Microsoft (and some others) are really botching the messaging about it.
You can use FIDO2 authenticators for two-factor authentication, and you can certainly implement it as such in any of your applications/services. The problem is that some online services, such as crap like Azure, take an over-opinionated approach where your option is ONLY single-factor hardware authentication, which I was bitching about previously here: https://were.social/@arcanicanis/posts/AKQyHBW6ajXA0F468e