FIDO2 questions answered by John Craddock

John Craddock in full flow at Microsoft Ignite
John Craddock presents a session live at Microsoft Ignite, Autumn 2019.

Our technical webinar about FIDO2 presented by identity guru John Craddock was hugely popular.

John Craddock, MVP, has a knack for identifying and understanding the leading-edge technical topics that people want to know about. He is also a gifted communicator, and in this session, he lifted the lid on FIDO2 with clear technical explanations about how it works and why you need to know about it.

This webinar was recorded before Microsoft rebranded Azure AD to Microsoft Entra ID but it is still relevant and full of useful information.

FIDO2 questions answered

Some great questions – see below – were asked which, due to time constraints, John didn’t get a chance to answer during the webinar. But you can now find the answers in John’s FIDO2 Q&A blog.

  • Can I use a U2F key with a website that uses FIDO2?
  • Can we use a FIDO key as another factor for MFA?
  • When referring to a FIDO2 key, what is the PIN used for?
  • What is the difference between a PIN and a password?
  • How secure is your account if you lose or have your FIDO2 security key stolen?
  • In a demo I watched when the user was signing into Azure AD, all they had to do was touch the key. How can that be secure? Can we enforce a PIN to be used every time?
  • Can a user sign in to multiple Windows 10 desktops with the same FIDO2 key?
  • If I reset a key, what happens when going to the website (RP) login where previously the device and PIN had been registered?

READ JOHN’S FIDO2 Q&A BLOG IN FULL

View all John Craddock webinars on demand

Previous webinar sessions we have hosted for John – on Decentralized Identity, Blockchain, Azure AD Cloud Authentication, and Authentication Without Boundaries – have also been very popular.