Two is better than one in most cases. A lock and a deadbolt offer better protection for the front door of your home. A seatbelt and an airbag provide better protection in the case of a car accident. And, when it comes to your online security two-factor authentication is better than just one factor when it comes to protecting your identity and data.
The problem is that two-factor authentication–by definition–adds steps that make it less convenient than just using one-factor authentication, and most people willingly choose convenience over security. The FIDO Alliance hopes to simplify two-factor authentication, though, with the U2F standard.
I wrote a post about U2F and new support from both Google and Duo Security:
We’ve had enough malware campaigns and data breaches to confirm the need for better data protection online. The Universal 2nd Factor (U2F) standard is a step in the right direction, and the first compatible devices are coming out now.
U2F is an open authentication standard. It was initially developed by Google, but it’s now managed by the FIDO (Fast Identity Online) Alliance. The FIDO Alliance also includes household names like Microsoft, Mastercard, Visa, PayPal, Discover, Samsung, and BlackBerry among its members.
Two-factor, or multi-factor authentication has long been promoted as a more effective security mechanism, but it’s a hassle, requiring you to juggle passwords with a second factor such as a texted code or an authentication app. U2F proposes to streamline the process using a U2F-enabled USB or NFC key fob, card, or mobile device alongside traditional authentication methods. All you have to do is use a Web browser with built-in support and native drivers.
Users must first register the U2F device with sites or services that support U2F authentication, such as webmail, or banking sites. You must insert the U2F device into a USB port, enter your traditional username and password credentials, and then touch the U2F device to generate secure login credentials. Because successful authentication relies on interaction with the U2F device, U2F protects against common attacks like session hijacking, man-in-the-middle attacks, advanced Trojans, and other malware.
Read the complete story at PCWorld: How the FIDO Alliance’s U2F could simplify two-factor authentication.