FIDO and Expanded Password System

The subject of FIDO frequently pops up in the comments on my digital identity posts. Let me refer to this topic today.

We might be watching two FIDOs;

(1) Password-receptive FIDO

(2) Password-rejective FIDO

We deem that the FIDO specification on its own is (1), although some FIDO people sound as if (2) is the case.

A password-repelled (passwordless) FIDO-specified product should not be recommend to the people who need a good security (*1), although it might be acceptable for low-security use cases where availability and convenience matter more.

On the other hand, irrespective of how friendlily or unfriendlily FIDO people look at us, we are certain that Expanded Password System powered by citizens’ non-volatile episodic memory (*2) is perfectly compatible with the device-based FIDO specification for providing very solid two/multi-factor authentication solutions.

Furthermore, such two/multi-factor solutions would be truly robust when the post-quantum cryptography is incorporated. The same reasoning applies to other forms of device-based authentication schemes.

*1 LOSS of Security Taken for GAIN of Security

*2 Power of Citizens’ Episodic Memory

Propositions for joint developments would certainly be welcome.

Website —

Digital identity blogs collected at



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.