What is FIDO U2F?

U2F is an open authentication standard that allows internet users to securely access any number of online services with a single security key instantly and without the need for drivers or client software. FIDO2 is the latest generation of the U2F protocol.

Where did U2F come from?

U2F was created by Google and Yubico, and support from NXP, with the vision of taking strong public key crypto to the mass market. Today, the technical specifications are hosted by the open industry consortium known as the FIDO Alliance. U2F has been successfully implemented by major services including Facebook, Gmail, Dropbox, GitHub, Salesforce.com, the UK government and many more.

Origin binding: defence against phishing

With YubiKey, user logins are bound to the origin, meaning only the right website can authenticate with the key. Authentication fails on the fake site, even if the user was tricked into thinking it was genuine. This greatly mitigates against the increasing volume and sophistication of phishing attacks and stops account takeovers.

What are the benefits of U2F?

Strong security - Strong two-factor authentication using public key crypto that protects against phishing, session hijacking, man-in-the-middle and malware attacks.

Easy to use - Works out-of-the-box thanks to built-in support in platforms and browsers including Chrome, Opera and Mozilla, enabling instant authentication for any number of services. No code to write or drivers to install.

High privacy - Allows users to choose, own and control their online identity. Each user can also choose to have multiple identities, including anonymous, with no personal information associated with the identity. A U2F security key generates a new pair of keys for each service, and only the service stores the public key. With this approach, no secrets are shared between service providers and an affordable U2F security key can support any number of services.

More choice - Open standards provide flexibility and product choice. Designed for existing phones and computers, for many authentication methods and with different communication methods (USB and NFC).

Cost-effective - Users can choose from a range of affordable devices online. Yubico offers free and open source server software for back-end integration through the Yubico Developer Programme.

Electronic identity - Identity assurance is offered for organisations that require a higher level of identity assurance. Through service providers it is possible to bind your U2F security key to your real issued government identity.

How do I get started?

In order to capitalise on the opportunities, it's important that you think about security at a higher level. Good IT security is more than just difficult passwords and secure logins. At itm8, we' re experts in IT security and have been helping Danish organisations achieve higher security for more than a decade.

There are several ways to achieve higher IT security. Our concepts always have high security built in.

The modern workplace is a term used to describe companies that keep up with technological developments for the benefit of employees and the bottom line. The modern workplace from Microsoft and itm8 is a cloud-based service concept that includes all or selected parts of your IT solution and can be integrated with classic IT systems if necessary.

DM helps your organisation get a handle on data security and the EU General Data Protection Regulation (GDPR) and comply with minimum requirements for the annual risk assessment. Our security agreement can ensure that you have an overview of which data and systems are particularly vulnerable and that sensitive data does not find its way from your systems into the wrong hands.