March 2024 Summaries
4 posts from FusionAuth
Filter
Month:
Year:
Post Summaries
Back to Blog
The concept of passkeys is being promoted as a solution to the problems associated with traditional passwords, such as security breaches and user fatigue. Passkeys are a form of authentication that can replace or augment passwords, offering inherent security advantages due to their decentralized nature. Many major companies, including Microsoft, Apple, Google, Facebook, LinkedIn, Best Buy, Nintendo, Shopify, and others, have rolled out support for passkeys since 2022, leading to increased adoption and improved product experiences. The transition to passkeys is seen as a way to eliminate friction and password fatigue, making it easier for users to log in without having to remember passwords. A free webinar is being hosted to discuss the benefits, use cases, and future of passkeys, which will cover their applications in 2024 and beyond.
Mar 20, 2024
484 words in the original blog post.
In response to the increasing vulnerabilities associated with traditional passwords, passkeys have emerged as a more secure and user-friendly alternative. While passwords are often challenging to manage and remember, leading to poor security practices like recycling or writing them down, passkeys offer a solution by leveraging public-key cryptography. This technology, supported by major tech companies like Microsoft, Google, and Apple, uses a combination of public and private keys, with the private key remaining secure and only accessible upon verifying the user's identity through methods like fingerprints, facial recognition, or PINs. This approach not only simplifies the login process by eliminating the need for memorizing complex passwords but also significantly enhances security, as demonstrated by systems like Windows Hello and Appleās FaceID, which utilize passkeys for authentication.
Mar 12, 2024
563 words in the original blog post.
FusionAuth version 1.49.1, released in early March 2024, focuses on bug fixes and security improvements, addressing a total of 29 issues and enhancements. Among the notable updates, the release restores functionality for LinkedIn's "Sign in with LinkedIn" feature by adopting the new OIDC-compliant API, provides more frequent progress updates for Elasticsearch reindexing to improve user experience, and introduces a workaround for email link checkers that previously rendered one-time codes invalid. These changes aim to enhance user experience and functionality, with additional fixes including addressing PostgreSQL 15 maintenance mode issues and updating internal dependencies. Users are encouraged to review the release notes for a detailed understanding of changes and to follow upgrade guidelines for both self-hosted and cloud deployments.
Mar 07, 2024
915 words in the original blog post.
MFA is crucial for protecting sensitive information and preventing unauthorized access to resources. The current adoption rate of MFA is under 40% in small businesses, highlighting the need for its implementation. MFA requires users to provide two or more verification factors, which can include something they know (password), something they have (authenticator app or SMS), or something they are (biometric verification). Leveraging a combination of these factors creates strong security measures that reduce the risk of unauthorized access while maintaining user experience. MFA is essential in scenarios involving sensitive information, remote access, compliance requirements, and high-profile accounts. However, its implementation continues to evolve with new technologies and methodologies, such as biometrics, AI, and machine learning.
Mar 01, 2024
1,112 words in the original blog post.