FIDO2 is a set of standards defining the use of mechanisms such as security keys and biometric recognition in multifactor authentication. By default, the only authentication mechanism available to HYPR users is a mobile device. If you want users to log in with a security key or through biometric recognition on their computer (Touch ID for Mac or Windows Hello, for example), you must enable FIDO2 authentication.
- In the Control Center, select the RP Application you wish to modify.
- Click FIDO2 Settings under Advanced Config in the left navigation pane.
- Slide the Enable Fido2 button to the On position.
- Enter the Client Origin URL where your users will be authenticating.
The Client Origin URL value must be all lowercase. If users are unable to pair FIDO2-based devices successfully, check this URL does not contain any uppercase characters.
- Click Save.
Users will now have the option to register and use security keys and built-in computer biometric devices.
The HYPR platform is compatible with all FIDO2-certified devices. The following devices are known to register and authenticate correctly:
Android Authenticator with SafetyNet Attestation
Excelsecu eSecu FIDO2 Security Key
FEITIAN ePass FIDO2 Authenticator
FEITIAN ePass FIDO2-NFC Authenticator
Google Chrome Mac Touchbar
Thetis FIDO2 Security Key
Windows Hello Hardware Authenticator
Windows Hello Software Authenticator
Yubico Security Key (blue)
Yubico YubiKey 5 Series
Yubico YubiKey 5 Series with NFC
Yubico YubiKey 5C
Yubico YubiKey 5Ci FIP
YubiKey Bio Series
Updated 4 months ago