FIDO Promises a Life Without Passwords


How many passwords do you have to keep track of? Answer: Too many! In this video, cybersecurity guru Jeff Crume explains the FIDO standard which eliminates the need for passwords entirely. In addition to creating a passwordless login, FIDO's benefits include resistance to phishing and replay attacks.

Comments
Author

Fido is simply public key authentication, something we have had since the early 90s and that everybody could have used but nobody wanted to use within the last 30 years, except for UNIX/Linux SSH users. Also it's not really the end of passwords, as if Fido keys are not encrypted, they can be stolen just like if you write your plain text passwords somewhere. Of course, this limits the number of passwords to just one, but so does a password manager. Yet a password manager can be used with any device and from anywhere, as it requires no external hardware, no USB port or Bluetooth, and also no special software support in the system or the browser.

xcoder
Author

How to handle the situation where the phone is stolen or lost...? I guess you still need email or a similar OTP handling mechanism.

randomforest_dev
Author

"Help. I lost my phone. How do I get my passwords?"

JoseJimeniz
Author

I've been doing this for over 10 years with GPG, though I never gave it a spiffy name. The difference is that when you register, you add the server's GPG key to your ring. The server encrypts with your pub key and signs with its private key; the client validates the sig with the server's pub key and decrypts with the client private key, then encrypts the challenge with the server's pub key and signs with the client's private key before sending it back to the server.

This way the server validates the user and the user has validated it is the correct server.

GrandpasPlace
Author

I've been having fun messaging my kid directly through TCP sockets, but this inspires me to make a server that saves user info so we can talk regardless of whether we know each other's IP addresses 🤔💡

bobanmilisavljevic
Author

Not even 3 minutes and I'm amazed by this guy's ability to write on a mirror for us to read HOLY CRAP.

GoldenHeartNecklace
Author

I appreciate the verification part of this process. It wasn't quite solidified in my mind till this video.

jdubz
Author

Good video describing the basics. I think also explaining OTP and TOTP would be great topics.

Flankymanga
Author

Password managers have really solved the "password" problem already. All this causes is headaches when people lose their security key device.

ultrastoat
Author

I miss the FidoNet days. Good thing they’re bringing it back!

CreachterZ
Author

I really like the way google handles linking your phone's messaging with the web version: You select "device pairing" from the settings menu on your phone and aim your phone (the camera is activated when pairing) at a large QR code on the screen. Instantly they are linked. No password needed and it's really fast. And since only my phone would work, it's secure as well.

JustWastedHoursHere
Author

Great explanation. Bonus points for seamlessly writing backwards the whole time!

penrith
Author

Can we just appreciate that he wrote everything in mirror image from his perspective on that transparent board 😮

UtubeItube
Author

I like how the camera's POV is a higher-dimensional view. We see the speaker in third person while viewing his POV simultaneously.

BenFaded
Author

Clever filming trick. I bet he’s right handed.

taylorpoole
Author

I think that on top of that, the communication from the server to the client should be encrypted with the private key of the server, and the responses from the client should be encrypted with the public key of the server. This way each side proves its identity to the other side.

soulimanemammar
Author

I believe there was an error in the video.

I thought that one would use the receiving party's public key to encrypt the message, and the receiving party use their private key to decrypt the message.

The response to the sender is then encrypted by the sender's public key to be decrypted by the sender using their private key.

The video suggests the opposite, that the encryption occurs with the private key. If that was the case, the encrypted message would be decrypted by anyone holding the public key.

DanielShamany
Author

This is a great video, I have heard of FIDO but never researched it at all, thanks so much!

sherrilltechnology
Author

Absolutely love this. Going to set this up in my lab.

natedavisshow
Author

So when the device is compromised, they have access to all the user's accounts. 😅😂🤣

AJGamer