# FIDO2 papers ###### tags: `bibliography` ## [Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9152694) * 2020 IEEE Symposium on Security and Privacy * Authors: Sanam Ghorbani Lyastani, Michael Schilling, Michaela Neumayr, Michael Backes, Sven Bugiel ------------------ ## [Avoiding Lock Outs: Proactive FIDO Account Recovery using Managerless Group Signatures](https://eprint.iacr.org/2022/1555) * Prepint * Sunpreet S. Arora, Saikrishna Badrinarayanan, Srinivasan Raghuraman, Maliheh Shirvanian, Kim Wagner, Gaven Watson ------ ## [FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiation](https://eprint.iacr.org/2022/1029) * IEEE S&P * Bindel, N., Cremers, C., M., Z. ------ ## [Provable Security Analysis of FIDO2](https://eprint.iacr.org/2020/756.pdf) * Crypto 2021 * Manuel Barbosa, Alexandra Boldyreva, Shan Chen, and Bogdan Warinschi. “”. In: CRYPTO 2021, Part III. Vol. 12827. LNCS. Virtual Event: Springer, Heidelberg, Aug. 2021. ------ ## [Why proximity test is required for the broswer to the authenticator](https://groups.google.com/a/fidoalliance.org/g/fido-dev/c/A71mU8riKvM/m/BFehVGCtAwAJ?utm_medium=email&utm_source=footer) * FIDO forum * This topic discusses why BLE advertisement is required - it is needed to check the proximity test of the browser. Otherwise, attacker sitting afar can trick authenticator and steal session. No scope of cryptography here, all engineering solution. ------ <!-- ## [Why Aren’t We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication](https://maximiliangolla.com/files/2024/papers/fidoobstacles-extended.pdf) * By Leona Lassak, Elleen Pan, Blase Ur, Maximilian Golla -->