As reported by Inside Cybersecurity, “the Fast Identity Online (FIDO) Alliance wants more buy-in from government to move forward with creating detailed guidance for implementing its phishing-resistant authentication standard targeted at federal agencies. The FIDO Alliance published a white paper in October on deploying FIDO access credentials in the federal identity ecosystem.”
The Office of Management and Budget (OMB) identified FIDO as an alternative to using the government’s Personal Identity Verification (PIV) standards for multifactor authentication (MFA). As part of its zero trust strategy, OMB requires federal agencies to implement phishing-resistant MFA.
Tom Clancy, principal cybersecurity engineer, MITRE, a member of the FIDO Alliance, noted that “FIDO authentication is meant to be a ‘complementary architecture’ to use when PIV is not accessible, such as for some government contractors and in cloud environments.”