Hardware Fido U2F Authentication

Chad-Smith · ‎07-25-2018

I would like to see support for security hardware keys, like Fido U2F.
This is particularly important as Autodesk develops more cloud products, which is storing more and more sensitive project data.

Chad-Smith · ‎07-28-2018

I'll also add Fido2 to this request.

Chad-Smith · ‎10-11-2018

Giving this idea a bump now that the leading hardware security company Yubico has released their new line of FIDO2 compliant keys.

It would nice to be able to apply world-leading security to our Autodesk account.

Oh, and to make two-factor authentication compulsory via the Autodesk Management Portal.

leowarren34 · ‎12-15-2018

Definitely these security posts are becoming super common now, why wouldnt a company with trillions of dollars in IP behind their accounts why wouldnt they have good security but 2 fac is needed especially hardware and other methods such as companions devices, usb and fingerprints...

Chad-Smith · ‎02-03-2019

And one other thing I'm going to add, why do the ADSK accounts not have the ability to generate backup codes should the primary method/s fail?

ADSK is way behind on the account security methods.

leowarren34 · ‎02-03-2019

Security feels like a no thought rather than an after thought, it only takes one hack and it'll come tumbling down, we want to be proactive!

Chad-Smith · ‎02-26-2019

I'll just keep adding the advancements in this security to this thread.

Android has received certified FIDO2 support, meaning that we on Android devices can now more securely and easily signing without needing a password.

https://www.wired.com/story/android-passwordless-login-fido2/

Come on Autodesk, this is not a matter of if, but when. At this stage FIDO2 is the future, it isn't going away as it grows in support, so you may as well get on board sooner than later.

You don't have to make it mandatory, but it should at least be an account option as the mainstream users are educated.

leowarren34 · ‎02-27-2019

Security is definitely needed and whilst FIDO is excellent a 2FA would be better than nothing, use a code generator or even better a yes or no verify.

Chad-Smith · ‎03-04-2019

Autodesk, no excuses now after the W3C has ratified the protocol under WebAuthn.

https://www.yubico.com/2019/03/w3c-standardizes-webAuthn/

leowarren34 · ‎03-05-2019

Absolutely, ratified yesterday (4/3/19)

Just so behind, just keep going @Chad-Smith

Emily.M.Svensson · ‎04-01-2020

Hello,

It will be possible to implement Hardware Fido U2F Authentication with SSO, which will be available in June for customers on the Premium plan.

Best,
Emily

Chad-Smith · ‎03-09-2021

@Emily.M.Svensson When is this coming to non-Premium accounts?

Chad-Smith · ‎12-05-2021

@Emily.M.Svensson Checking in again to see when this is coming to non-Premium accounts? Security should be a priority, not a privilege.

I have both a personal (hobby) ADSK account and a work ADSK account. Both are equally important to protect.

Also, Premium is not available to all businesses; it's dependant on size. So why are some businesses allowed to protect their data, and not others.

Having this tied to Premium makes absolutely no sense.

Emme.j.pettersson · ‎08-10-2023

Still no updates 😕

Chad-Smith · ‎08-10-2023

And now with both Google and Apple rolling this into their mobile devices as 'Passkeys', and into desktop/laptop machines, there is no reason why this shouldn't be rolled out en-masse to all Autodesk accounts.

As I said in my previous post, security should not be a privilege.

Hardware Fido U2F Authentication

Hardware Fido U2F Authentication

Forums Links

Submit Idea