On the market for an iPhone? Here's a breakdown of all the currently shipping iPhones from Apple.
Mac Pro Now Available
Safari Supports NFC, USB, and Lightning FIDO2-Compliant Security Keys in iOS 13.3
The iOS 13.3 update that is currently available to developers and public beta testers has a new Safari feature that supports NFC, USB, and Lightning FIDO2-compliant security keys.
This option was activated in the first beta of iOS 13.3, but in the second developer beta, Apple has added details about it in the release notes.
Yubico announced the YubiKey 5Ci back in August, but at the time of launch, it was of limited usefulness because it did not work with Safari, Chrome, or other major browsers, though it was compatible with apps like 1Password.
With Safari support, the YubiKey 5Ci is a legitimately useful tool that can be more convenient than software-based two-factor authentication because there's no need to enter a security code -- you simply plug it in to an iPhone or Mac (there's also a USB-C connector) to authenticate. Support for FIDO2-compliant USB security keys using WebAuthn was previously added to Safari 13 in macOS.
Other NFC, USB, and Lightning-based security keys will also work with Safari following the iOS 13.3 update. There's no word yet on when iOS 13.3 will be released, but we may see it sometime in December after a few more weeks of beta testing.
This option was activated in the first beta of iOS 13.3, but in the second developer beta, Apple has added details about it in the release notes.
Now supports NFC, USB, and Lightning FIDO2-compliant security keys in Safari, SFSafariViewController, and ASWebAuthenticationSession using the WebAuthn standard, on devices with the necessary hardware capabilities.With the iOS 13.3 update, Safari will support physical security keys like the Lightning-equipped YubiKey, which can be used for more secure two-factor authentication.
Yubico announced the YubiKey 5Ci back in August, but at the time of launch, it was of limited usefulness because it did not work with Safari, Chrome, or other major browsers, though it was compatible with apps like 1Password.
With Safari support, the YubiKey 5Ci is a legitimately useful tool that can be more convenient than software-based two-factor authentication because there's no need to enter a security code -- you simply plug it in to an iPhone or Mac (there's also a USB-C connector) to authenticate. Support for FIDO2-compliant USB security keys using WebAuthn was previously added to Safari 13 in macOS.
Other NFC, USB, and Lightning-based security keys will also work with Safari following the iOS 13.3 update. There's no word yet on when iOS 13.3 will be released, but we may see it sometime in December after a few more weeks of beta testing.
[ 24 comments ]
Top Rated Comments
(View all)
4 weeks ago
This is great news for the 8 people who will ever use this totally obscure feature.
4 weeks ago
This is great news for the 8 people who will ever use this totally obscure feature.
And notice how devoid of the usual comments ("about time!", "what could go wrong", "how about you fix your software, Tim.", "X dollars? that's insane!", "insert dad joke here") this thread is. People are more likely to complain about what they don't quite fully understand but not about what they know nothing about IMHO.
3 weeks ago
FIDO is that wonky thing where where the site is what is actually storying your keypair, but with you having locally encrypted it so it can give it to you so you can decrypt it so you can use that to verify the public half of the keypair that the site is also keeping?
[URL unfurl="true"]https://www.grc.com/sn/sn-445.htm[/URL]
Should just do something sensible like SQRL, or really any other solution.
Seriously, Gibson is a hack and a charlatan, no one serious in the industry respects him. There were several sites that debunk what he spewed, but they just stopped being maintained over 15 years ago because there was already too much information. Gibson total made things up (Socketgate?).
U2F which FIDO2 is based off of is well reviewed, and now included in the W3C specification through WebAuthN.
4 weeks ago
FIDO is that wonky thing where where the site is what is actually storying your keypair, but with you having locally encrypted it so it can give it to you so you can decrypt it so you can use that to verify the public half of the keypair that the site is also keeping?
[URL unfurl="true"]https://www.grc.com/sn/sn-445.htm[/URL]
Should just do something sensible like SQRL, or really any other solution.
[URL unfurl="true"]https://www.grc.com/sn/sn-445.htm[/URL]
Should just do something sensible like SQRL, or really any other solution.
4 weeks ago
And notice how devoid of the usual comments ("about time!", "what could go wrong", "how about you fix your software, Tim.", "X dollars? that's insane!", "insert dad joke here") this thread is. People are more likely to complain about what they don't quite fully understand but not about what they know nothing about IMHO.
4 weeks ago
This is some great news that is highly underrated. This gets us a lot closer to getting rid of the stupid password-based approach.
Besides that: A lot of countries have developed NFC capable ID cards that can now be put to work...
And, no, since those cards don't hand out the private key, this will not lead to more identity theft. In fact, it will help fight it.
Besides that: A lot of countries have developed NFC capable ID cards that can now be put to work...
And, no, since those cards don't hand out the private key, this will not lead to more identity theft. In fact, it will help fight it.
This is great news for the 8 people who will ever use this totally obscure feature.
4 weeks ago
This is great news for the 8 people who will ever use this totally obscure feature.
Willing to bet you will eat these words by this time next year.
All our security standards are extremely weak and / or have been hacked so we need new ones desperately. 2FA is going to be the savior of doing anything wallet related on your computer.
The reason this is fantastic news is that it will allow mass adoption of way better, way more convenient, way more mass compatible security.
4 weeks ago
"it has awesome security" -steve jobs
[ Read All Comments ]
Apple CEO Tim Cook this week spent time in Japan, and during his trip, he sat down with Japanese news site Nikkei to cover familiar topics like privacy, manufacturing, and health.
Cook visited...
Edison Software, makers of Edison Mail for iOS and Android, today debuted Edison Mail for desktop Macs. The developers say the app aims to eliminate common frustrations with desktop mail, all within...
In a new support document, Apple has indicated that iOS 13.3 includes improvements to further minimize junk messages in the Messages app.
If you are trying to send a message to someone and...
Apple today shared a new video in its ongoing "Shot on iPhone" series, showing off the photographic capabilities of the iPhone 11 Pro.
Shot in the Al Kharrarah Desert in Saudi Arabia,...
Expercom has revealed a few notable discounts on Apple's new Mac Pro, which just launched earlier today. The retailer is taking up to $2,500 off custom built configurations, and $430 off...
Apple today updated its holiday shipping policies to ensure that people are able to order and receive gifts ahead of when Christmas, Hanukkah, and other celebrations begin, with the company now...
Alongside iOS and iPadOS 13.3, Apple has released new 13.3 software for the HomePod, with some bug fixes and performance improvements that build upon HomePod features introduced in earlier iOS 13...
AppleCare+ for the new Mac Pro is available for $299, while AppleCare+ for the new Apple Pro Display XDR is priced at $499.
Given the prices of both the Mac Pro and the Pro Display XDR,...
