FIDO and Expanded Password System

The subject of FIDO frequently pops up in the comments on my digital identity posts. Let me refer to this topic today.

We might be watching two FIDOs;

(1) Password-receptive FIDO

(2) Password-rejective FIDO

We deem that the FIDO specification on its own is (1), although some FIDO people sound as if (2) is the case.

A password-repelled (passwordless) FIDO-specified product should not be recommend to the people who need a good security (*1), although it might be acceptable for low-security use cases where availability and convenience matter more.

On the other hand, irrespective of how friendlily or unfriendlily FIDO people look at us, we are certain that Expanded Password System powered by citizens’ non-volatile episodic memory (*2) is perfectly compatible with the device-based FIDO specification for providing very solid two/multi-factor authentication solutions.

Furthermore, such two/multi-factor solutions would be truly robust when the post-quantum cryptography is incorporated. The same reasoning applies to other forms of device-based authentication schemes.

*1 LOSS of Security Taken for GAIN of Security

https://www.linkedin.com/pulse/loss-security-taken-gain-hitoshi-kokumai/

*2 Power of Citizens’ Episodic Memory

https://www.linkedin.com/pulse/power-citizens-episodic-memory-hitoshi-kokumai/

Propositions for joint developments would certainly be welcome.

Website — https://www.mnemonicidentitysolutions.com/

Digital identity blogs collected at https://www.linkedin.com/pulse/collection-digital-identity-comments-hitoshi-kokumai-posted-kokumai/