ACSP Suggestion 2019.14: Implement FIDO2 (WebAuthn) for ARIN Online

Suggestion

Author: Anonymous   
Submitted On: 17 May 2019

Description: Implement FIDO2 (WebAuthn) for ARIN Online as an optional authenticator to eliminate passwords entirely.

Value to Community:

Passwords and OTP can be complex, and often result in reluctance to implement proper protections of ARIN Online accounts. Implementation of WebAuthn and FIDO2 can offer an alternative to not only eliminate passwords but at the same time provide strong authentication (as Microsoft Windows 10 and Azure does with FIDO2 authenticaters).

Note that best practice is always to ensure that you have a backup Security Key in place, so allowing more than one key is likely important allowing one to place the backup key in a secure location.

FWIW, this was mentioned at the mic at the recent meeting, but as I did not write down the name of the proposer, I cannot give proper credit.

Timeframe: Not specified

Status: Completed   Updated: 03 March 2023

Tracking Information

ARIN Comment

3 March 2023

Thank you for your suggestion, numbered 2019.14 on confirmed receipt, requesting that we implement FIDO2 (WebAuthn) for ARIN Online as an optional authenticator. Development of this functionality was completed and deployed on 3 January 2023.

Because this work is completed, we are closing this suggestion. Thank you for participating in the ARIN Consultation and Suggestion Process.

31 May 2019

Thank you for your suggestion, numbered 2019.14 upon confirmed receipt, that ARIN implement FIDO2 (WebAuthn) for ARIN Online.

This suggestion will remain open for consideration alongside other potential improvements to our ARIN Online login functionality for inclusion on our future work plan.