Fido2
Hi all,
I'm just wondering what Fido2 will mean for 1password and similar services, if anything. Is it something akin to the internal combustion engine replacing the horse and cart, or can Fido2 be utilised by 1password?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @VinylHound
It is possible to use U2F (FIDO) as part of the process to authorize a device to access your 1Password account. You can read more about that here:
Use your U2F security key as a second factor for your 1Password account
U2F should not be thought of as a replacement for strong unique passwords, such as those generated by 1Password, but rather as an extension of that which addresses different threats (such as replay attacks).
Ben
0 -
@VinylHound: Just to add on to the technical side here, as I've been doing a bit of research into FIDO2 – 1Password uses FIDO U2F rather than FIDO2, as the latter is designed for passwordless login flows (which 1Password very much is not), while the more traditional U2F version is made for adding a second factor on top of an existing login flow.
Indeed, FIDO2 is awesome, but somewhat more limited. I'll point you towards Yubico's excellent blog post here on the subject for more info about it.
0