FIDO U2F
(Universal 2nd Factor)
U2F is an open 2-factor authentication standard which enables secure access to any number of web-based services – immediately and without drivers or client software. The U2F specifications were originally developed by Google with participation by Yubico and NXP. Today, everything is managed under the auspices of the FIDO Alliance (Fast IDentity Online). The Alliance was founded in 2012 with members that included PayPal and Lenovo. Its goal was to develop user-friendly and secure alternatives to passwords.
Besides offering the basic advantages of 2-factor authentication, U2F has the following properties:
- No shared secrets – Unlike OATH, for example, U2F Public utilizes key cryptography and no shared secrets.
- Anonymous – New public keys for each side
- User experience – The user should not need to enter any codes or install any drivers
- Universal – Hardware tokens, fingerprint readers, software tokens, etc. / USB, NFC, BLE / Registration on any number of websites
- Open standard
- Supported by industry leaders – like Google, PayPal, Microsoft, Bank of America, Mastercard and VISA