1. Forum
  2. Usenet
  3. UK.D-I-Y

  • FIDO2 key

    From Harry Bloomfield Esq@21:1/5 to All on Thu Nov 28 15:34:53 2024
    If I were to fit a USB fingerprint reader/ FIDO2, lacking the reader,
    would I still be able to login to apps on the laptop?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Rumm@21:1/5 to Harry Bloomfield Esq on Fri Nov 29 12:37:02 2024
    On 28/11/2024 15:34, Harry Bloomfield Esq wrote:
    If I were to fit a USB fingerprint reader/ FIDO2, lacking the reader,
    would I still be able to login to apps on the laptop?

    I would guess it would depend on how you set it up and what you use it for.

    As a way to log into windows - it could be one of a number of permitted
    login mechanisms. If you set it up for 2FA on a web site etc, then it
    would then come down to how the web site configures its security and
    what mechanisms there are for recovery from loss of 2FA. It might not be
    a process that is easy enough to routinely want to do without access to
    the 2FA token source.

    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk | \=================================================================/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to John Rumm on Fri Nov 29 14:13:42 2024
    John Rumm <see.my.signature@nowhere.null> wrote:
    On 28/11/2024 15:34, Harry Bloomfield Esq wrote:
    If I were to fit a USB fingerprint reader/ FIDO2, lacking the reader,
    would I still be able to login to apps on the laptop?

    I would guess it would depend on how you set it up and what you use it for.

    As a way to log into windows - it could be one of a number of permitted
    login mechanisms. If you set it up for 2FA on a web site etc, then it
    would then come down to how the web site configures its security and
    what mechanisms there are for recovery from loss of 2FA. It might not be
    a process that is easy enough to routinely want to do without access to
    the 2FA token source.

    Some websites use 'security codes', which are means to bypass the 2FA if missing.

    Another approach is to set up a password manager and then use the reader as
    a way to unlock the password manager, rather than registering it with each specific website. The manager might offer alternative ways to unlock that don't involve the reader.

    (password managers can also hold TOTP secrets, which websites use for 2FA,
    not just passwords)

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)