[ARIN-Suggestions] New ACSP 2019.14: Implement FIDO2 (WebAuthn) for ARIN Online
ARIN
info at arin.net
Wed May 22 15:10:20 EDT 2019
On 17 May, we received a new suggestion, numbered 2019.14 upon confirmed
receipt, that ARIN implement FIDO2 (WebAuthn) for ARIN Online as an
optional authenticator to eliminate passwords entirely.. Staff is
reviewing this suggestion and will issue a formal response once analysis
is complete.
The full text of the suggestion may be found below or at:
https://www.arin.net/participate/community/acsp/suggestions/2019-14/
***
Description: Implement FIDO2 (WebAuthn) for ARIN Online as an optional
authenticator to eliminate passwords entirely.
Value to Community:
Passwords and OTP can be complex, and often result in reluctance to
implement proper protections of ARIN Online accounts. Implementation of
WebAuthn and FIDO2 can offer an alternative to not only eliminate
passwords but at the same time provide strong authentication (as
Microsoft Windows 10 and Azure does with FIDO2 authenticaters).
Note that best practice is always to ensure that you have a backup
Security Key in place, so allowing more than one key is likely important
allowing one to place the backup key in a secure location.
FWIW, this was mentioned at the mic at the recent meeting, but as I did
not write down the name of the proposer, I cannot give proper credit.
***
Regards,
Communications and Member Services
American Registry for Internet Numbers (ARIN)
More information about the arin-suggestions
mailing list