The U2F key was created in order to provide increased security for connecting to user accounts. These user accounts contain various types of personal data, such as photos or private discussions that are not intended for public disclosure.
Definition
Universal 2nd Factor (U2F) is an open authentication standard that strengthens and simplifies two-factor authentication using specialized Universal Serial Bus or near-field communication devices based on similar security technology found in smart cards. It was initially developed by Google and Yubic, with contribution from NXP Semiconductors. It is now hosted by the FIDO Alliance.
Google Chrome, Mozilla Firefox, and Opera are the only browsers that support U2F. It works on Windows, Mac, Linux, and Chromebooks. Once you have a physical U2F token and use Chrome, Firefox, or Opera, you can use the u2f key to secure your Google, Facebook, Dropbox, and GitHub accounts among others. U2F also works with the Google Chrome browser on Android, assuming you have a USB key with NFC support built in. Apple doesn’t allow apps access to the NFC hardware, so it doesn’t work on iPhones. Although Firefox has U2F support, it’s disabled by default. You’ll need to enable a hidden Firefox preference to activate the U2F support at the moment.
How does a U2F key work?
Its shape is identical to a traditional USB flash drive, except the device contains no data. It actually contains a single secure chip that allows the person using it to access their account. It can be likened to a key to a safe that there’s only one of in existence, no duplication is possible. The proper functioning of this USB drive is based on the Universal Second Factor protocol, also abbreviated as FIDO U2F. This standard was developed by three companies: Google (with Google Titan), Yubico (with Yubikey NEO) and NXP. NXP also invented NFC chips. The U2F standard has been since handed over to the FIDO Alliance, which encompasses several Information Technology companies. Related Article: Lock Down your Google and Facebook Account with two-factor authentification.
Pros of using U2F key
While using a u2f key, only the person who holds it can connect to the associated account using the password. Security is therefore taken to a higher level by completely restricting access to user accounts. Once you acquire a U2F security key, you simply link it to a compatible computer service. Once it’s set up, which takes very little time, there’s nothing more to do than connect the key to the computer when you need to authenticate to a site. You simply push the button on the key to verify the authentication. It’s extremely easy to use and only takes up very little time.
Cons of using U2F Keys
Connection to the service is now subject to authentication by a U2F security key. You must, therefore, remember to carry it with you at all times. If you forget to do so, you can’t connect to your account. On the other hand, if your security key is permanently lost, a backup solution is automatically requested during configuration. It is nevertheless suggested that you have two keys: one attached to your key chain and another that’s kept in a separate place just in case.
Which sites are currently compatible with U2F keys?
The number of sites that currently support the u2f key is steadily rising. Some of these sites include:
All Google services (such as Gmail, Drive, Hangouts and Google+) Facebook Twitter Dashlane Dropbox WordPress.
The list is constantly updated based on the evolution of sites and their policies. Go to the support section on the sites you use to check if the connection with a u2f security key is supported.