Hardware Partner: SoloKeys
We partnered with SoloKeys to provide full passwordless authentication for industrial systems using FIDO2.
But what does this mean for security?
FIDO2 “passwordless” authentication means that there is no password stored on authentication servers. Thus, one of the most prevalent security issues, a dataleak can no longer occur. Instead, the PIN authentication works on the SoloKey itself and is limited to 8 attempts before the SoloKey is disabled. Most importantly, a cryptographic challenge-response mechanism between server and SoloKey is unique per communication. Thus, it cannot be copied like a password.
Even simpler than a password
From a usability side, it’s even simpler than a password: Instead of typing in a 12-character long complex password on a display-keyboard, the technician simply plugs in her SoloKey and enter her numeric PIN to get access to the machine.