From 0e1de4c148eb020cf9befe9e1ba3c0bb20799db3 Mon Sep 17 00:00:00 2001 From: bethh0rn Date: Fri, 28 Feb 2025 16:51:51 +0200 Subject: [PATCH] Apply Richard's corrections --- .../comprehensive-guide-to-passwordless-authentication.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/astro/src/content/articles/authentication/comprehensive-guide-to-passwordless-authentication.mdx b/astro/src/content/articles/authentication/comprehensive-guide-to-passwordless-authentication.mdx index 2824f92c86..974c309a91 100644 --- a/astro/src/content/articles/authentication/comprehensive-guide-to-passwordless-authentication.mdx +++ b/astro/src/content/articles/authentication/comprehensive-guide-to-passwordless-authentication.mdx @@ -47,7 +47,7 @@ This section discusses how these protocols work in theory. Later, you'll see wha ### Passkeys (FIDO2/WebAuthn) -In 2013, the biggest USA software companies formed the FIDO (**F**ast **ID**entity **O**nline) Alliance to "*help reduce the world’s over-reliance on passwords*." The FIDO Alliance's standard, FIDO2, was submitted to the World Wide Web Consortium (W3C) and became the WebAuthn standard in 2016. WebAuthn is a protocol that describes how clients and servers can be authenticated using asymmetric cryptography (which this guide refers to as passkeys) instead of passwords. +In 2013, the biggest USA software companies formed the FIDO (**F**ast **ID**entity **O**nline) Alliance to "*help reduce the world’s over-reliance on passwords*." The FIDO Alliance's standard, FIDO2, was submitted to the World Wide Web Consortium (W3C) and became the WebAuthn standard in 2016. WebAuthn is a protocol that describes how clients and servers can be authenticated using asymmetric cryptography (commonly called passkeys) instead of passwords. To summarize: - **FIDO** is both a group of companies and the name of one of the group's standards. @@ -249,7 +249,7 @@ More information on magic links in FusionAuth is available [in the magic links g ### Implementing OTPs -OTPs can be used in two ways: as an alternative to entering a password or for MFA. However, FusionAuth only supports the use of OTPs for MFA. +An OTP can be used in two ways: as an alternative to entering a password or for MFA. However, FusionAuth only supports the use of OTPs for MFA.. However, FusionAuth only supports the use of OTPs for MFA. FusionAuth supports the use of OTPs only for MFA, and doesn't support OTPs as an alternative to passwords. To configure MFA, follow the [guide](/docs/lifecycle/authenticate-users/multi-factor-authentication). In brief, you need to enable email settings, then select the email template in your tenant Multi-Factor tab, and set the multi-factor On login policy to `Required` for your application.