#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

FIDO Universal 2nd Factor Authentication | Breaking Cybersecurity News | The Hacker News

Category — FIDO Universal 2nd Factor Authentication
Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins

Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins

Feb 25, 2019
Great news. If you have already installed the latest update of Google Play Services released earlier today, and your Android device is running Android version 7.0 Nougat or above—Congratulations! Your device is now FIDO2 Certified. Are you thinking… what the heck that actually means? It means, instead of remembering complex passwords for your online accounts, you can now actually use your Android's built-in fingerprint sensor or FIDO security keys for secure password-less access to log into apps and websites that support the FIDO2 protocols, Google and the FIDO Alliance—a consortium that develops open source authentication standards—announced Monday. FIDO2 (Fast Identity Online) protocol offers strong passwordless authentication based on standard public key cryptography using hardware FIDO authenticators like security keys, mobile phones, and other built-in devices. FIDO2 protocol is a combination of W3C's WebAuthn API that allows developers to integrate FIDO aut...
Titan Security Keys – Google launches its own USB-based FIDO U2F Keys

Titan Security Keys – Google launches its own USB-based FIDO U2F Keys

Jul 26, 2018
At Google Cloud Next '18 convention in San Francisco, the company has introduced Titan Security Keys —a tiny USB device, similar to Yubico's YubiKey, that offers hardware-based two-factor authentication for your online accounts with the highest level of protection against phishing attacks. These hardware-based security keys are thought to be more efficient at preventing phishing, man-in-the-middle (MITM) and other types of account-takeover attacks than 2FA via SMS, as even if your credentials are compromised, account login is impossible without that physical key. Earlier this week Google revealed that its 85,000 employees have been using physical security keys internally for months and since then none of them have fallen victim to phishing attacks. Compared with the traditional authentication protocols ( SMS messages ), Universal 2nd Factor Authentication (U2F) is extremely difficult to compromise that aims to simplify, fasten and secure two-factor authentication proc...
4 Ways to Keep MFA From Becoming too Much of a Good Thing

4 Ways to Keep MFA From Becoming too Much of a Good Thing

Feb 11, 2025IT Security / Threat Protection
Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it's undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality is that MFA sometimes feels like too much of a good thing. Here are a few reasons why MFA isn't implemented more universally. 1. Businesses see MFA as a cost center MFA for businesses isn't free, and the costs of MFA can add up over time. Third-party MFA solutions come with subscription costs, typically charged per user. Even built-in options like Microsoft 365's MFA features can cost extra depending on your Microsoft Entra license. Plus, there's the cost of training employees to use MFA and the time IT takes to enroll them. If MFA increases help desk calls, support costs go up too. While these expenses are far less t...
Enable Google's New "Advanced Protection" If You Don't Want to Get Hacked

Enable Google's New "Advanced Protection" If You Don't Want to Get Hacked

Oct 18, 2017
It is good to be paranoid when it comes to cybersecurity. Google already provides various advanced features such as login alerts and two-factor authentication to keep your Google account secure. However, if you are extra paranoid, Google has just introduced its strongest ever security feature, called " Advanced Protection ," which makes it easier for users, who are usually at high risk of targeted online attacks, to lock down their Google accounts like never before. "We took this unusual step because there is an overlooked minority of our users that are at particularly high risk of targeted online attacks," the company said in a blog post announcing the program on Tuesday.  "For example, these might be campaign staffers preparing for an upcoming election, journalists who need to protect the confidentiality of their sources, or people in abusive relationships seeking safety." Even if a hacker somehow gets your password—using advanced phishing a...
cyber security

Level Up Your Cyber Skills at SANS 2025

websiteSANS InstituteCyber Security / Training
Master in-demand techniques at our largest training event in 2025. Explore 50+ courses. Train in person to claim your $769 savings!
Facebook Adds FIDO U2F Security Keys Feature For Secure Logins

Facebook Adds FIDO U2F Security Keys Feature For Secure Logins

Jan 27, 2017
Hacking password for a Facebook account is not easy, but also not impossible. We have always been advising you to enable two-factor authentication — or 2FA — to secure your online accounts, a process that requires users to manually enter, typically a six-digit secret code generated by an authenticator app or received via SMS or email. So even if somehow hackers steal your login credentials, they would not be able to access your account without one-time password sent to you. But, Are SMS-based one-time passwords Secure? US National Institute of Standards and Technology (NIST) is also no longer recommending SMS-based two-factor authentication systems , and it's not a reliable solution mainly because of two reasons: Users outside the network coverage can face issues Growing number of sophisticated attacks against OTP schemes So, to beef up the security of your account, Facebook now support Fido-compliant Universal 2nd Factor Authentication (U2F), allows users to log into ...
Expert Insights / Articles Videos
Cybersecurity Resources