FIDO Security Keys

Frequently Asked Questions

1. What are FIDO and FIDO Security Key
FIDO (Fast Identity Online) is a set of standard and specification developed by FIDO Alliance to provide a solution to replace the traditional password authentication scheme. FIDO Security Keys are hardware based security keys support FIDO Specification to secure web service accounts.

2.Why should I use FIDO Security Key?

Traditional Password authentication scheme have some security and usability issues. Using simple passwords across multiple sites will create security risks such as phishing and MITM attacks. Using complex passwords can also bring usability issue and frequent password reset.

FIDO Security Keys utilized public key cryptography to provide a secure authentication scheme to online accounts. The security key will create a new set of key pair to enhance the security.

3.How to achieve passwordless using FEITIAN Security Keys?

The passwordless authentication is by Microsoft based on FIDO2 standard to allow users achieve passwordless authentication with the combination of Azure Active Directory (or Office 365 Accounts) and FEITIAN biometric enabled security keys to authentication to PC and Web services without typing anything. More detail can be seen at:
https://www.microsoft.com/en-us/security/technology/identity-access-management/passwordless

4.How many accounts can I secure?

In FIDO2, server can choose whether to store the credential inside the key or inside the server. If server choose store the credential inside the key, we can store 128 credentials. Currently, most of web application choose to store credentials on server side.

5.How to protect my account with FIDO Security Key?

Usually, user need to login to their accounts as normal. Then go to account settings/security and choose multi-factor authentication and then choose set up security keys.

Note: Different web applications may have different account settings structure. Please reference the Compatible Service Catalog for more detail.

6.What happens if I lose the key?

If someone get the security key, don’t worry. They cannot access your account without your user name, password or Biometric. The dedicated users can still logon to the account by using back-up security key or other method. Then user can disable the lost security key and provision a new key.

7.Why the Biometric Sensor does not working?

The Biometric sensor of BioPass FIDO2 Security Key is designed as both Fingerprint sensor and a touch button. If you haven’t provision fingerprint inside your key, please follow the guide here:
When verifying the fingerprint, please make sure that you use the same partition of the provisioned finger for best experience.

8.Why the HOTP output is “strange”?

The HOTP function of FEITIAN FIDO Security Key emulates HID Keyboard protocol to enable automatically type the value in. Due to some keyboard have different numeric layout, some output might be different. It is recommended to switch to US Keyboard Layout when using the HOTP to prevent potential mistake. For some specific layout such as French keyboard layout, user can also choose to press the button while holding the “Shift” Key.