Redmond Magazine

Microsoft Highlights Certificate-Based Authentication and FIDO2 Security Advances

Microsoft cited progress on enabling phishing-resistant authentications for organizations, in a Friday announcement. The announcement highlighted FIDO2 preview support for iOS and MacOS apps, ...
CSOonline

Microsoft Authenticator passkey support to be native in January

In statements that some labeled vague and confusing, Microsoft further embraced passkeys — and is decidedly not embracing CISOs who don’t want them. Microsoft has positioned itself as a strong convert ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
CSOonline

Design flaw has Microsoft Authenticator overwriting MFA accounts, locking users out

With use of multi-factor authentication rising, end-users can find themselves fiddling with codes and authentication apps frequently throughout their days. For those who rely on Microsoft ...
Ars Technica

Phishers have found a way to downgrade—not bypass—FIDO MFA

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being ...