FIDO2 Authentication

A FIDO2/WebAuthn demonstration site.

FIDO2 – An Open Authentication Standard

FIDO2 is an open authentication standard, hosted by the FIDO Alliance and supported by browsers and many large tech companies such as Microsoft, Yubico, etc. It consists of the W3C Web Authentication specification (WebAuthn API), and the Client to Authenticator Protocol (CTAP).

FIDO2 Authentication Options

Addresses a Variety of Authentication Use Cases

Two-factor authentication

Strong two-factor authentication using a hardware authenticator or biometrics as an extra layer of protection beyond a password.

Try it!

Passwordless authentication

Strong single-factor authentication using a hardware authenticator or biometrics, eliminates the need for weak password-based authentication.

Try it!

Usernameless authentication

Strong single-factor authentication using a hardware authenticator or biometrics, without the need of both username and password.

Try it!

Multi-factor authentication

Strong multi-factor authentication using a hardware authenticator and a PIN or biometrics, to meet high assurance requirements.

Try it!

Authenticators

Built into the Computer/Phone

Is attached using a client device-specific transport, called platform attachment, and is usually not removable from the client device.
Eg. Windows Hello, Mac Touch Bar, Android mobile biometrics or PIN/pattern/passphrase.

Security Key

Is attached using cross-platform transports, called cross-platform attachment, connected via USB, NFC or Bluetooth.
Eg. Security key which supports FIDO U2F or FIDO2, such as YubiKey

Support

Supported natively across browsers and platforms.

Note

  • The newest versions of browsers and platforms are recommended.
  • Currently supported features are different between browser & platform combinations. Please click on each browser for details.
  • Browsers and platforms which are not listed here do not support WebAuthn now or no information. (Last updated: September 2020)

Desktop

ChromeOS Linux MacOS Windows 10
FIDO U2F API
FIDO2/
WebAuthn API
CTAP1/U2F USB
NFC
BLE
CTAP2 USB
NFC
BLE
Internal
Resident Key External
Internal
Client PIN

Implemented / Stable

In Development

Not Supported / No ETA

MacOS Windows 10 + New Edge Windows 10 + Old Edge
FIDO U2F API
FIDO2/
WebAuthn API
CTAP1/U2F USB
NFC
BLE
CTAP2 USB
NFC
BLE
Internal
Resident Key External
Internal
Client PIN

Implemented / Stable

In Development

Not Supported / No ETA

MacOS Windows 10
FIDO U2F API
FIDO2/
WebAuthn API
CTAP1/U2F USB
NFC
BLE
CTAP2 USB
NFC
BLE
Internal
Resident Key External
Internal
Client PIN

Implemented / Stable

In Development

Not Supported / No ETA

MacOS
FIDO U2F API
FIDO2/
WebAuthn API
CTAP1/U2F USB
NFC
BLE
CTAP2 USB
NFC
BLE
Internal
Resident Key External
Internal
Client PIN

Implemented / Stable

In Development

Not Supported / No ETA

Mobile

Chrome Edge Firefox
(cannot perform authr attestation)
FIDO U2F API
FIDO2/
WebAuthn API
CTAP1/U2F USB
NFC
BLE
CTAP2 USB
NFC
BLE
Internal
Resident Key External
Internal
Client PIN

Implemented / Stable

In Development

Not Supported / No ETA

Chrome Safari Brave
FIDO U2F API
FIDO2/
WebAuthn API
CTAP1/U2F USB
NFC
BLE
Lightning
( YubiKey 5Ci)
CTAP2 USB
NFC
BLE
Internal
Lightning
( YubiKey 5Ci)
Resident Key External
(cannot select account)
Internal
Client PIN
(registration only)

Implemented / Stable

In Development

Not Supported / No ETA