[Openid-specs-fapi] [Off-topic] Option to disable password authenticaiton among FIs?
Nat Sakimura
nat at nat.consulting
Thu Dec 9 14:53:58 UTC 2021
Hi
This is off-topic for the WG but adjacent and since many of you are well
acquainted with the markets, let me ask this.
Is there an example of Banks and other Financial Institutions that allows
users to disable the password authentication so that they wholly can depend
on FIDO or other types of SCAs?
Not disabling password authentication (i.e., authenticating only with a
password) seems to be a security weakness. If you could give me examples of
disabling password-only login (I am guessing that is actually banned in EU)
in each jurisdiction, it is much appreciated.
Best,
--
Nat Sakimura
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20211209/94b7485b/attachment.html>
More information about the Openid-specs-fapi
mailing list