Thursday, August 29, 2019

FIDO Alliance, StongKey, and OWASP

I need to catch some Zs, so I will try to update this article tomorrow.

Earlier today Arshad Noor gave a talk at our local OWASP chapter. He represents StrongKey (they have the octopus whose face seems to imply he knows what Tux did to have that look on his face) at the FIDO Alliance, and talked about the need and evolution of multifactor authentications systems. The part I was interested is separating the authentication from having physical access to the system you want to connect to; the former would be something like Yubikey. Application here is those servers we all need to remote access. The only part I do not like is that we are still stuck to using an app in a smartphone for that.