And I'm a researcher at the cognitive sciences and time series at the University of Columbia School of Computing, and I have Sahant with me, and he's also a researcher at COTSLAB as well as a researcher at the AIT. So, today let's talk about FIDO2, the future of authentication.

Now, as you already know, passwords are not safe anymore. You ask me why? So, let me start over. So, as you know, passwords are not safe already. If you ask me why, 52% of the users use the same passwords for multiple backgrounds in their lives. Now, this leads to many kinds of attacks, such as spray attacks, loop closing, and even credential stuffing attacks. Now, you can see how the simple and predictable passwords can lead to vulnerability issues. If you want to figure out if your password has been compromised, you can use this website, Have I Been Pwned, and check whether it has already been pwned or not.

So, as a solution for these simple passwords, we have something called MFA, Multi-Factor Authentication. This basically refers to having two or more verification steps in order to gain access to certain kinds of applications. Now, in MFA, we have many kinds of MFA types available in the world. So, these three things are the most common stuff. The first one is knowledge-based, things you know, such as PIN number, security questions and stuff. And then, possession-based, something you have, such as SMS, SOTP, and TOTP. And the final one is inherence-based, things you are, such as your biometrics, fingerprints, your breath, your eyes, everything.

Now, let's talk about FIDO. FIDO stands for Fast Identity Online. And that's kind of a combination of all these three types I mentioned earlier. FIDO refers to a set of open and standardized authentication protocols that are ultimately intended to eliminate passwords, which are very vulnerable and outdated from a security perspective. So, the FIDO2 authentication standard, it basically is an umbrella term for these two protocols.
The first term is the FIDO Alliance specification for CTAP. CTAP means Client to Authenticator Protocol. And then the second one is the W3C's WebAuthn protocol. Now, I'll explain this on the later slides. So, FIDO comes up with these two combinations of these three protocols. And then you have FIDO.

So, this is how actually FIDO works. Now, you have the Web Authentication protocol side by side. Now, first of all, you have the client platform. This basically refers to your laptop or your PC and everything. And then we have something called an authenticator. Your authenticator can be external or maybe internal. So, an internal authenticator might be your Touch ID on your iPad or MacBook. And an external authenticator can be something external that you have that you have to plug into your computer.

So, the CTAP protocol works in between the authenticator and the client platform. It will be used to communicate between those two platforms using BLE or NFC or Bluetooth or even maybe just. Now, the Web Authentication protocol, you can use that to communicate between your client platform and the relying party. So, the relying party basically refers to some kind of an authentication around the cloud or your network. So, the Web Authentication protocol will communicate between those two and complete your authentication request.

So, this is an in-detail flow of how FIDO works. Since we don't have much time today, I'm not going to explain it. But you can grab a big photo of this one or maybe I'm available around for another few hours. So, you can just type what you need to ask me and I'll have you explain all this.

So, like I said, we have external authenticators and internal authenticators. So, Touch ID is an example for an internal authenticator, and even Windows Hello. And external authenticators, you can have security keys like YubiKeys to put your fingerprints and authenticate stuff like that.

So, ultimately, why FIDO? Why should we use FIDO instead of passwords and all this stuff?
So, first of all, FIDO is strong. It's resistant to all these attacks on a simple password dimensionally. And it's faster. All we have to do is put your fingerprint or maybe put in your YubiKey and you're all good to go. And then it's private and it's convenient, very convenient. Just we have to just use your biometrics to access all the social media platforms and everything. And it's supported on very many browsers and in softwares, it's integration. And then it fits most of the use cases available to this world. And then it's industry-backed. And obviously, most of the organizations are moving on to this kind of FIDO2 and biometrics authentication protocols. And then it's already in the market in leading companies.

So, how can we integrate this FIDO2 into an existing application? Sahab is here to show you how to integrate this FIDO2 with real-world applications. Thanks.

So, as Sunil said, the last two points. FIDO2 is industry-backed and in markets. So, where? So, let me give you, cover it up with some practical examples. FIDO 5.0 Procedure of how FIDO is using in Azure. Any Azure users here? Alright, cool.

So, this is FIDO 5.0 simplified and very concise way how FIDO is integrating in Azure Active Directory. So, starting from the user, plug in the FIDO2 security key into their computer. And then, as you could see in the flow diagram. And then Windows detects. This is in Windows device. So, it detects the FIDO2 security key. And then it follows up. It's Azure AD. It set it back as a nonce. And then it's configured as a private key. And then it set it back as a public key. And Azure AD returns as a PRT. To enable access to on-premises resources. I'm not going to call it up as kind of a speculative way how the process is working. If you're wondering how it works dynamically in these levels. You could reach to me and ask me if you have any questions.

And then, so how do we enable FIDO2 security key in Azure Active Directory?
So, first you have to sign in to your Azure portal. And then browse to Azure Active Directory. And then go to the Security section. And the authentication method. You could find a method called authentication method policy. Then the other thing you have to do is. Another method of FIDO2 security key. You have to public key. And enable for all the users or any specific groups you are interested in. They enable FIDO2 security keys. And yes, that you could go and set the configuration. And what are the other areas available? Obviously, you can use FIDO2 security keys. And there are also other options available as well in this scenario.

And what would be the future for FIDO2? So, what are the possible research directions? And what would be the possible things with FIDO2? So, the first thing is the integration with emerging technologies. Like, if there are things, obviously, you should learn. So, allowing seamless and secure authentication across a wide range of devices. And the second thing is supporting new forms of biometric authentication. Right now, there are many resources to point on. In the sections of pressure recognition, fingerprint recognition, and eye scanning in your eye. And providing even better security and convenience for users. And last, the increased support from hardware and software. Whether it's making it easier for organizations starting from Microsoft to other organizations and others. There are many organizations currently at a clean quality. So, for you to integrate the technology into your system.

So, that's it for me here. If you have any questions, feel free to ask. So, actually, we would love to have a conversation with you guys for the same answer. If you have any questions, please speak with us. Yes, Jim?

Well, not so much a question. But one reason why I don't enable fingerprint recognition in my devices is because, I don't know if you know this, but a few years ago we had a situation where the thief cut off the thumbs. Right.
And use it to access, I think, the data or something like that. It sounds like in such an environment, fingerprint authentication is a good idea. I don't know. I'm still debating this. I don't know if you have any.

That's very good. Not a question. But I know a reason where someone's, I would say, it's someone's eyes to how to discuss. Right. So, actually, we don't know how the registrations work and how can we change the people's mindset to remain human. So, yeah, we just try to better than see how.

So, basically, it's not appropriate for high-risk groups, right? I think that you live in a neighborhood where you can track the people who are willing to hold you down and use your thumb to force open something. So, in that case, is it better if you just use password?

So, what if you are some kind of a high-ranking government official and your boss gets some kind of a hack and then you are exposed and you spend the rest of your life behind bars? That's even better than having your thumb cut off. Right. But I just have to wait and see how this goes. So, I question this. Is this a really good idea?

So, if you evaluate the pros and cons, you have to always go with the solution that has most of the pros. Right. So, that actually depends on the use case and your environment and your operation kind of business and stuff.

So, that's not like a fantasy. You really have to think carefully whether, yeah, like this is going to make you more secure, or to expose yourself to other risks. Right. I'll stick to my long password, thank you.

I'm also questioning, I'm asking for your question. So, as far as stick to your business file, we also fill it out, what are the other methods we can fill it out to depend on the maximizing layer of security. Right. Metal gloves. Yeah. Any other questions? Yeah.

Thanks very much, guys. The question about biometrics isn't how to solve one. Every single thing, anytime someone says, the solution to the problem is biometrics.
All those tips you use at the speaker doesn't understand the problem all the time. You're creating a market of stolen thumbs. It seems like terrible yet.

Yeah, it's case specific. I might agree with that. Thank you so much, guys.