all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Why is it that CTAP2 can be used for passwordless authentication, when U2F can't?

Add to bookmarks
Sept. 5, 2022, 12:42 a.m. | /u/it-can-be-too-late

cybersecurity www.reddit.com

Many blogs ([like this one](https://www.okta.com/blog/2019/04/the-ultimate-guide-to-fido2-and-webauthn-terminology/)) say:

> CTAP1 is an older standard where the external authenticator is expected to be able to provide the second factor of authentication. CTAP2 allows the external authenticator to be used as both a first and second factor of authentication and eliminates the dependency on passwords.

Is this true, and if it is true, why? What does CTAP2 have that CTAP1/U2F doesn't, that enables passwordless authentication?

authentication cybersecurity passwordless passwordless authentication u2f

Visit resource

More from www.reddit.com / cybersecurity

What is your team's turnaround time on security questionnaires? 6 hours ago | www.reddit.com
cybersecurity found hey love +8
400,000 Linux Servers Hit by Ebury Botnet 6 hours ago | www.reddit.com
botnet cybersecurity ebury linux +2
SEIM that you use 8 hours ago | www.reddit.com
benefits companies cost cybersecurity +10
What is a normal salary? 9 hours ago | www.reddit.com
canada cyber cybersecurity dfir +8
Is this not really bad practice in cyber security? 10 hours ago | www.reddit.com
bad call christmas cyber +14
Cybersecurity for startups: where to start? 10 hours ago | www.reddit.com
asking cybersecurity cybersecurity measures employees +7
Should I request a CVE for open-source projects 11 hours ago | www.reddit.com
career cases client clients +9
Taking down a malicious spoof website. 11 hours ago | www.reddit.com
companies customers cyber cyber security +13
How an Employee's Personal GitHub Repository Compromised Azure’s Internal Container Registry 11 hours ago | www.reddit.com
azure compromised container cybersecurity +7

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Cyber Incident Manager 3

@ ARSIEM | Pensacola, FL
View on infosec-jobs.com

On-Site Environmental Technician II - Industrial Wastewater Plant Operator and Compliance Inspector

@ AECOM | Billings, MT, United States
View on infosec-jobs.com

Sr Security Analyst

@ Everbridge | Bengaluru
View on infosec-jobs.com