ACSP Suggestion 2019.14: Implement FIDO2 (WebAuthn) for ARIN Online
Suggestion
Author: Anonymous
Submitted On: 17 May 2019
Description: Implement FIDO2 (WebAuthn) for ARIN Online as an optional authenticator to eliminate passwords entirely.
Value to Community:
Passwords and OTP can be complex, and often result in reluctance to implement proper protections of ARIN Online accounts. Implementation of WebAuthn and FIDO2 can offer an alternative to not only eliminate passwords but at the same time provide strong authentication (as Microsoft Windows 10 and Azure does with FIDO2 authenticaters).
Note that best practice is always to ensure that you have a backup Security Key in place, so allowing more than one key is likely important allowing one to place the backup key in a secure location.
FWIW, this was mentioned at the mic at the recent meeting, but as I did not write down the name of the proposer, I cannot give proper credit.
Timeframe: Not specified
Status: Completed Updated: 03 March 2023
Tracking Information
ARIN Comment
3 March 2023
Thank you for your suggestion, numbered 2019.14 on confirmed receipt, requesting that we implement FIDO2 (WebAuthn) for ARIN Online as an optional authenticator. Development of this functionality was completed and deployed on 3 January 2023.
Because this work is completed, we are closing this suggestion. Thank you for participating in the ARIN Consultation and Suggestion Process.
31 May 2019
Thank you for your suggestion, numbered 2019.14 upon confirmed receipt, that ARIN implement FIDO2 (WebAuthn) for ARIN Online.
This suggestion will remain open for consideration alongside other potential improvements to our ARIN Online login functionality for inclusion on our future work plan.