FIDO2 is made up of WebAuthN browser API standard and the FIDO CTAP (Client to Authenticator Protocol), which builds on the previous project by the FIDO alliance for Universal Two Factor (U2F) authentication standard.
While WebAuthn is the World Wide Web Consortium (W3C) approved web authentication standard which has been adopted by many other tech industry leaders, with the WebAuthn API allowing strong browser-to-hardware-based authentication by devices such as security keys, mobile phones (NFC), and built-in authenticators like TouchId.
So, in order to deliver a more secure experience for users, Twitter is offering a set of two-factor authentication methods to help improve the security of the accounts on the platform.
Twitter 2FA added with the options of security keys will stand out as one of the strongest authentication method to thwart phishing and low friction resistant capabilities. Albeit, Twitter already support security key-based 2FA for about a year now, but the prevailing FIDO U2F standard supported only limited number of authenticators and browsers, restricting widespread adoption.
The Client to authenticator protocol (CTAP) enables FIDO2-capable devices to interface with external/roaming authenticators over USB, Bluetooth, or Near field communication (NFC). It enforces secure device-to-device authentication channel, with the communication typically between a user owned cryptographic roaming authenticator, such as smartphone or hardware security key, and a client platform like a laptop.
Twitter with the update to 2FA, seek to offer an upgrade and secure authentication standard for security key, to support more browsers and authenticators of the future.
The WebAuthn follows the same process as when registering security key, and it's enabled by default, with support only for the physical security key authenticators with WebAuthn, but Twitter has promised to add support for more options in the future.
No comments