The adoption of FIDO2 authentication by major tech companies in web applications has grown significantly in recent years. However, we argue FIDO2 has broader potential applications. In this paper, we introduce EAP-FIDO, a novel Extensible Authentication Protocol (EAP) method for use in IEEE 802.1X-protected networks. This allows organisations with WPA2/3-Enterprise wireless networks or MACsec-enabled wired networks to leverage FIDO2's passwordless authentication in compliance with existing standards. Additionally, we provide a comprehensive security and performance analysis to support the feasibility of this approach.