This is definitely off-topic, but it is applicable to B4X.
I'm in the USA. Recently there has been a lot of news about Apple, Microsoft, and Google switching to password-less FIDO authentication.
I've been looking around for what that actually means, in practice, in terms of usability and how it is actually implemented.
It seems to be newish to the USA, maybe it's more deployed elsewhere.
For example, right now, I go to my bank website and it asks for a login and password. I can enter that information from anywhere. After switching to FIDO, what will I need to do to access my account?
I think I can use my cell phone as an authenticator device. I'm guessing now – maybe the site texts me a code which I enter to gain access?
What would happen if I don't have cellular or Wi-Fi access or my cell phone dies? Does it offer a second or third method to authenticate?
Suppose my cell phone is dead or I am at a remote computer. Will I be able to access my account?
I have seen talk about Authenticator Devices, like USB buttons or fingerprint readers. I'm guessing these work in conjunction with a Windows, IOS, or Android app. The site sends a message to the device app which asks you to perform a fingerprint scan or press a button. An acknowledgment is returned to the site. B4X might play a role in this type of scenario, if it's a valid scenario. What is the correct search term to use to search the B4X site for discussions and/or libraries on this topic?
All the information I have come across seems to be theoretical – nothing about how it will actually be implemented or used in practice. Can anybody point to a good article about how FIDO is actually done from a users perspective? Any information or insights is greatly appreciated.
Barry.
I'm in the USA. Recently there has been a lot of news about Apple, Microsoft, and Google switching to password-less FIDO authentication.
I've been looking around for what that actually means, in practice, in terms of usability and how it is actually implemented.
It seems to be newish to the USA, maybe it's more deployed elsewhere.
For example, right now, I go to my bank website and it asks for a login and password. I can enter that information from anywhere. After switching to FIDO, what will I need to do to access my account?
I think I can use my cell phone as an authenticator device. I'm guessing now – maybe the site texts me a code which I enter to gain access?
What would happen if I don't have cellular or Wi-Fi access or my cell phone dies? Does it offer a second or third method to authenticate?
Suppose my cell phone is dead or I am at a remote computer. Will I be able to access my account?
I have seen talk about Authenticator Devices, like USB buttons or fingerprint readers. I'm guessing these work in conjunction with a Windows, IOS, or Android app. The site sends a message to the device app which asks you to perform a fingerprint scan or press a button. An acknowledgment is returned to the site. B4X might play a role in this type of scenario, if it's a valid scenario. What is the correct search term to use to search the B4X site for discussions and/or libraries on this topic?
All the information I have come across seems to be theoretical – nothing about how it will actually be implemented or used in practice. Can anybody point to a good article about how FIDO is actually done from a users perspective? Any information or insights is greatly appreciated.
Barry.