FIDO policies
FIDO policies define which FIDO devices and authenticators can be used for registration and authentication purposes. FIDO allows you to authenticate users using public key-based credentials.
PingOne supports the use of the WebAuthn standard, and the PingOne FIDO2 server is a FIDO2-certified product.
FIDO2 with PingOne provides many security benefits, such as protection against phishing and replay attacks. PingOne includes the following security measures from the FIDO2 specification:
-
Based on public key cryptography
-
Does not employ server-side shared secrets that could otherwise be compromised
-
Isolates services from accounts
FIDO2 devices can include:
-
FIDO2 biometrics and security keys.
-
Passkeys. Passkeys allow cloud-synched credentials so that users can access their FIDO sign-in credentials on many of their accessing devices, even new ones, without having to re-enroll every device on every account.
FIDO2 devices and authenticators can be used for registration and authentication purposes and to enable usernameless and passwordless authentication.
You can also view, search, add, or delete FIDO devices in the Global Authenticators Table. For information, see Managing the Global Authenticators Table.