What is FIDO2?
FIDO2 is a set of open standards developed by the FIDO Alliance that allows users to authenticate to websites and applications without passwords, using instead a hardware security key (like a YubiKey) or the built-in biometrics on their device (such as a fingerprint reader or face recognition). Unlike passwords, FIDO2 credentials are unique to each website, never transmitted over the network, and stored securely on the user’s device making them highly resistant to phishing, credential stuffing, and many man in the middle attack patterns. FIDO2 is rapidly becoming a strong standard for strong authentication and is supported by all major browsers and operating systems, as well as identity platforms like Okta and Microsoft Entra.