For as long as I have been in the security industry, a good quarter of a century, the conundrum of security versus usability has reigned. Attempts at redressing this balance have arisen. Mobile-based authentication has been added to the security armory of both the consumer and the enterprise login credentials. Further attempts at hardening login whilst balancing usability, have seen the advent of biometric authentication methods; all attempt to cope with the infinite “phishability” of the humble password. Yet still, authentication remains the bugbear of the consumer and the identity industry.
The FIDO Alliance has been working to crack this security/usability riddle since 2012. Until now, their efforts have been chiefly aimed at the enterprise. However, as consumer identity and remote working creates a fuzzy identity landscape, FIDO has turned its sights on fixing authentication for consumers.