Could U2F Keys Kill the Password?

yubikey2Universal Two-Factor (U2F) security keys could kill the password, writes Neil J. Rubenking in an article for PCMag. Having spoken with Yubico CEO Stina Ehrensvärd at the recent RSA Conference, Rubenking evidently came away convinced of the benefits of U2F authentication, and of its potential for the future.

Yubico is, of course, the company behind the YubiKey, a physical security key adhering to the FIDO Alliance’s U2F standards. In practice, that means it uses a one-time password (OTP) along with an embedded smart card that works with compatible applications in order to authenticate the user when logging into those applications. Last fall, the company teamed up with Google to announce that the latter would support Yubico’s U2F devices with its Chrome browser, and this spring Google Drive support was added. Both companies are part of the FIDO Alliance.

Interviewed for the article, Ehrensvärd expressed her hope that one day “this will be everywhere,” adding that it could eventually “scale to encryption, payments, it can allow users to take control of their own identity.” And as more of these devices – from Yubico and other developers – begin to implement biometric authentication to their keys, such devices could indeed prove fatal to the password.