Hardware Partner: SoloKeys
2-factor authentication using SoloKey and PIN
We partnered with SoloKeys to provide full passwordless authentication for industrial systems using FIDO2.
But what does this mean for security?
FIDO2 “passwordless” authentication means that there is no password stored on authentication servers. Thus, one of the most prevalent security issues, a dataleak can no longer occur. Instead, the PIN authentication works on the SoloKey itself and is limited to 8 attempts before the SoloKey is disabled. Most importantly, a cryptographic challenge-response mechanism between server and SoloKey is unique per communication. Thus, it cannot be copied like a password.
Even simpler than a password
From a usability side, it’s even simpler than a password: Instead of typing in a 12-character long complex password on a display-keyboard, the technician simply plugs in her SoloKey and enter her numeric PIN to get access to the machine.
Dr.-Ing. Dominik Schürmann
Before founding the company, Dominik Schürmann was a researcher at the Technische Universität Braunschweig and worked on network security and cryptographic protocols. Yet, he did not lose sight of the usability aspects of IT security and conducted several user studies.