Firefox support for FIDO2 authenticators is here!

This is shaping up to be a good year for security conscious MacOS users. First, in January, Apple added support for using security keys to protect Apple IDs. This represented a huge step forward for protecting iCloud accounts by preventing access on untrusted devices. 

But what about using security keys on your MacOS device to log in to other websites? Well, there’s good news on this front, too, because FIDO2 support has been added to the latest version of Firefox. 

Starting with Firefox 114 – released on June 6, 2023 – Firefox has enabled support for FIDO2 security keys for both registering and authenticating to sites that support passkeys. You can now use your security key to log in to a growing number of online services, identity providers and social networks that have implemented FIDO2 passwordless. For example, now you can authenticate to Microsoft’s Azure/O365 with Firefox on MacOS with a YubiKey.

It’s important to note that Firefox’s support is still evolving. Much like Safari, it is missing the capability to set a PIN for a security key when a key is first registered with a site that requires PINs. The good news is that if you’re using a YubiKey as your FIDO2 token, you can use Yubico Authenticator for MacOS to set or change a PIN and view or delete the hardware-bound passkeys stored on your YubiKey.

Firefox’s support for FIDO2 is a great step forward for the privacy-focused browser, and another step towards ubiquitous support for phishing-resistant authentication around the web. We’re always happy to see more choice in browsers that support modern, standards-based secure authentication! We’d like to thank the developers at Mozilla for their ongoing work supporting FIDO2 hardware keys like the YubiKey, and can’t wait to see what’s coming next.

—— 

For more information on passkeys, and to learn what differentiates passkeys stored on a security key from passkeys stored on a mobile device, visit our blog post here.

Talk to our teamTalk to our team

Share this article:


  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Making digital security a right: Inside Yubico’s Secure it Forward programTechnology can be a great equalizer — but only if the strongest protection is within reach. Since 2022, Yubico has donated more than 65,000 YubiKeys to hundreds of organizations worldwide — a retail value of over $3.3 million. Each key helps strengthen digital protection for those doing vital work in their communities. This isn’t just […]Read more
  • Unlocking trust in enterprise security: Yubico and Okta empowering businesses togetherCollaboration with ecosystem partners is critical for providing our customers with the best cybersecurity solutions. Together, Yubico and Okta have achieved remarkable milestones over the years, including launching innovative solutions and aligning our go-to-market efforts – all aimed at delivering the most impactful cybersecurity solutions and user experience for our customers and partners. At the heart […]Read moreOktaOktane