Thales banner

FIDO and FIDO2 Devices

Strong Passwordless Authentication

 

What is FIDO and why use it?

FIDO2 is the umbrella term for FIDO Alliance's newest set of specifications. FIDO2 authentication enables users to capitalize on common devices to authenticate quickly and securely to online services in both desktop and mobile environments. FIDO authentication is the industry's solution to the global password challenge and addresses all of the concerns of traditional authentication.

To reduce risk to your Windows logon, SaaS applications, users with high privilege and users in general, Thales supports FIDO passwordless authentication using multi-factor authentication (MFA) hardware devices.

Switching to a Passwordless world – What is passwordless authentication?

Accessing apps or IT systems without using a password or security questions by replacing passwords with FIDO compliant devices introduces a modern passwordless MFA experience that is resistant to phishing attacks and account takeovers, and enables compliance. Enjoy a passwordless authentication solution with presence detection, which creates a third factor of authentication: Something you have (physical token), something you know (PIN), something you do (touching token edge).

Thales multi-factor authentication devices use current and emerging protocols to support multiple applications at the same time. Use one security key that combines support for FIDO2, WebAuthn, U2F, and PKI to access both physical spaces and logical resources.

Organizations expanding their digital transformation are moving applications and data to the cloud to:

  • Enable accessibility from anywhere
  • Decrease operating costs

As users log in to an increasing number of cloud-based applications, weak passwords are emerging as the primary cause of identity theft and security breaches.

Going FIDO Passwordless with Thales

FIDO Authentication Solutions

 

Id Prime Tab

One Device for FIDO & PKI or FIDO & Physical Access

Extend Modern Authentication to PKI Environments - Organizations that rely on PKI authentication can now use a combined PKI-FIDO smart card to facilitate their cloud and digital transformation initiatives by providing their users with a single authentication device for securing access to legacy apps, network domains and cloud services.

Physical Access - For optimum convenience, Thales FIDO smart cards support physical access enabling users to access both physical spaces and logical resources with a single customizable smart card.

 

USB Token with Touch Sense Options

FIDO Token with Touch Sense Options

The SafeNet eToken FIDO is a USB token, an ideal solution for enterprises looking to deploy passwordless authentication for employees. This FIDO authenticator is a compact, tamper-evident USB with presence detection, which creates a third factor of authentication: Something you have (physical token), something you know (PIN), something you do (touching the token).

 

Thales and Microsoft partner to provide Microsoft Azure AD customers with FIDO and CBA phishing-resistant authentication

With the new Azure AD cloud-native CBA support, Microsoft customers can use Thales X.509 certificate-based Tokens, Smart cards, and FIDO authenticators for all their identity protection needs. By supporting multiple use cases (PKI, CBA, FIDO2 authentication, physical access) in a single device, Thales allows organizations to extend high assurance access to the cloud while building on their existing environments.

Id Prime Tab

Full integration with MS Azure AD

To address customer needs for FIDO, phishing-resistant authentication for Azure AD managed resources, Thales is offering a Microsoft-verified and tested USB FIDO security key. The Thales key and other Thales FIDO devices are fully compatible and integrated with Azure AD. They are ideal for protecting cloud services and on-premises applications.

Learn more about Thales FIDO2 Authentication for Azure AD in our solution brief and combine Microsoft Azure AD with Thales FIDO authenticators to reduce security breaches and meet US / EU regulations.

Reach out for a Free Sample

IDP Compatibility with FIDO Security

Thales FIDO devices are compatible with any IDPs that support the FIDO2 standard.

Tested IDPs include:

  • Thales SafeNet Trusted Access
  • Microsoft Azure Active Directory, now Part of Entra
  • AWS Identity and Access Management (IAM)
  • ForgeRock Access Management (Identity Platform)
  • Intercede MyID

Thales FIDO Tokens, SafeNet eToken FIDO, SafeNet eToken FIDO for Microsoft Azure AD and SafeNet IDPrime 3940 FIDO are all FIDO2 and U2F FIDO certified, and compatible with Microsoft Azure Active Directory accounts.

2022 Cybersecurity Excellence Awards

SafeNet Trusted Access has been awarded the
Gold 2022 Cybersecurity Excellence Award for
Best Passwordless Solution, Best Multi-Factor Authentication and Best Identity and Access Management

The 2022 Cybersecurity Excellence Awards honor individuals and companies that demonstrate excellence, innovation and leadership in information security. With over 900 entries in more than 250 award categories, the 2022 Awards program is highly competitive. All winners reflect the very best in innovation and excellence in tackling today’s urgent cybersecurity challenges.

  • SafeNet FIDO2 Key Benefits

Arm your enterprise with strong and secure passwordless authentication to any environment.

Benefits include: 

  • Secure cloud adoption and bridge secure access across hybrid environments with a combined PKI/FIDO smart card
  • Easy access on multiple operating systems
  • Passwordless access to cloud apps & network domains 
  • Single authenticator for all users' needs
  • CC certified
  • Supports all devices and OS (without middleware deployment)
  • Ideal for digital signatures and email encryption

Recommended Resources

Conquer Phishing Attacks with Strong Authentication - Thales and Microsoft

In this Webcast, Matthew Isbell @ Microsoft and Gregory Vigroux @ Thales discussed about new regulations for strong and phishing-resistant authentication and how to meet them by combining Azure AD CBA and authentication strengths capabilities with Thales PKI/FIDO authenticators.

How to install a FIDO token in your Microsoft environment

Please make sure your IT team has activated the “security key” option in Azure Active Directory.

Top 5 Reasons Choosing FIDO2 Devices for Enterprise Authentication

FIDO authentication has gained traction as a modern form of MFA because of its considerable benefits in easing the log in experience for users. It also overcomes the inherent vulnerabilities of text-based passwords.

Thales Passwordless FIDO2 Authentication for Azure AD, part of Microsoft Entra

As users log into an increasing number of cloud-based applications, weak passwords are emerging as the primary cause of identity theft and security breaches.

Passwordless Authentication: How Giving Up Your Password Might Make You More Secure

Passwords are one of the oldest security tools in the world of software and the internet. But in today’s environment, passwords cannot provide enough protection for businesses for several reasons.

SafeNet FIDO2 Passwordless Devices

Organizations expanding their digital transformation are moving applications and data to the cloud to enable accessibility from anywhere and decrease operating costs. As users log in to an increasing number of cloud-based applications, weak passwords are emerging as the primary cause of identity theft and security breaches.

Market Leaders in Passwordless Authentication - KuppingerCole Report

Explore the Passwordless Authentication Leadership Compass where KuppingerCole identifies the leaders in the market and presents you with a compass to help you to find the product or service that best meets your needs.

FIDO Authentication

IT security professionals around the world agree that passwords are obsolete and should be considered as a relic of the past. The costs of maintaining passwords outweigh the benefits. The motives to eliminate password-based authentication mechanisms are compelling.