In recent months, you might have seen the phrase “U2F Keys” pop up frequently. Short for Universal 2nd Factor, U2F is best thought of as a second-generation form of two-factor authentication (2FA). U2F keys take existing 2FA technology and both simplify and strengthen it.
U2F keys rely on either NFC or USB devices to function. It’s also an open standard, meaning you can buy a dedicated security key from any number of manufacturers. Some cost as little as $10.
Using the security key is simple. The first time you connect it to an account, the key will generate a random number called a “Nonce.” The key is hashed with the website domain to create a code that’s unique to your account.
Thereafter, you just need to plug the U2F key into your computer and wait for the app or login portal to recognize it. Sometimes you’ll need to press a small on the key itself to activate the connection.
Do U2F Keys sound like something you’d like to implement on your own accounts? Here’s a quick look at some of the sites which are already U2F-compatible.
Where Are U2F Keys Supported?
Here’s a rundown of some well-known sites which work with U2F Keys:
- Google Chrome: Chrome has been U2F compatible since version 38.
- Opera: Opera implemented U2F support in version 40.
- Firefox: Firefox is the third and final browser that supports U2F natively.
- Facebook: You can use U2F as an additional means of 2FA on Facebook.
- Dropbox: As with Facebook, Dropbox accepts U2F as a means of 2FA.
- GitHub: Adopted U2F in October 2016.
- Salesforce: Also adopted U2F in October 2016.
So, when will we see U2F become mainstream? Clearly, it’s already well on the way. But it seems it won’t be readily adopted by the masses until NFC devices are in more hands and more computers are NFC compatible.
Have you used U2F? Let us know in the comments below.