Security Key and Chrome incorporate the open
Universal 2nd Factor (U2F) protocol from the
FIDO Alliance, so other websites with account login systems can get FIDO U2F working in Chrome today. It’s our hope that other browsers will add FIDO U2F support, too. As more sites and browsers come onboard, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported.
13 comments :
As a Yubico-user I welcome this step. But can we use it to get access to Google accounts with other browsers too?
Is this to help the people or a new spy mechanism from Google/NSA?
Good luck plugging a USB key into your iPad, or letting your security-sensitive workplace let you plug arbitrary USB keys into your workstation, or convincing your bank that you really did not send your entire balance to Nigeria, even though you signed that transaction with a tap, etc etc...
Remember Mt.Gox? That's Yubico's most public failure so far :-)
Strong authentication needs to be out-of-band, and support transaction signing, and work everywhere, or there's no point using it. You can't get "out of band" with anything that you "plug in" - that's simply connecting it directly to the same threats.
By the way - for everyone reading this comment - please know that, if you are reading this, Google had the grace to allow this to be published here ("all comments published must be approved by the blog author") - and if you are reading this, that I'm grateful that they allowed my opinions to be aired, despite me being critical - thanks!
Chris.
I wish there's a possible way to use USB flash disks with the U2F protocol.
Hiya, is this functionality in the UK also. I have had a look on Amazon.co.uk & they sell
http://www.amazon.co.uk/Plug-up-FIDO-U2F-U2F-SK-01-Security/dp/B00OGPO3ZS/ref=sr_1_1?ie=UTF8&qid=1413905127&sr=8-1&keywords=FIDO+Security+Key
I would be keen to add this to my accounts going forward.
I have a drawer full of USB drives, why should I have to purchase another one.
This would be much better, if users could use drives they already have.
Will the USF compatabile USB Device need to be connected to the Computer at all times, or once login is complete can the USB device be disconnected?
How about selling these in the Play Store?! :D
This is a great new offering to help boost adoption of 2-step authentication. There are many scenarios where having a physical USB key is preferred to a mobile device. Looking forward to trying this out!
Will an additional factor be permitted to be used in conjunction with the physical device ? I think this is important in the same way as a PIN is required for a debit card.
Will there be/is there an JS API that can be used for other users, or this strictly a Google thing?
If so, do you have a link to the documentation?
This is very cool. I use Google 2-factor all the time for work and personal use. I've looked at some Yubi keys in the past. Maybe I'll order a Yubi Key Neo and play around with it.
Can you have more than one key assigned to your Google account? So I could carry one with me, and leave another at home in a safe just in case I lose it?
Post a Comment