Fast IDentity Online 2
FIDO2.
An open standards bundle from the FIDO Alliance, WebAuthn (the browser API) plus CTAP (the device-to-browser protocol), that powers passkey and hardware-key authentication.
The FIDO Alliance is an industry consortium founded in 2012 with members including Apple, Google, Microsoft, and the major identity vendors. FIDO2 launched in 2018 and has progressively become the dominant standard for phishing-resistant authentication on the web. By 2026 every major OS, browser, and CIAM platform supports FIDO2 either via synced passkeys or hardware security keys.
Common questions
What is the difference between FIDO2 and WebAuthn?
Does FIDO2 require a hardware key?
Is FIDO2 the same as a passkey?
Related terms
In the guides
Passwordless Authentication: A 2026 Practitioner's Guide
How passkeys, magic links, and biometrics replace passwords in CIAM, with implementation patterns, adoption data, and vendor support.
WebAuthn Explained: How Passkeys Work Under the Hood
WebAuthn is the W3C browser API that powers passkeys. A practical explanation of registration, assertion, RP-IDs, attestation, and the architecture choices that determine adoption.