Identity protection solutions provider Yubico has unveiled a new USB key that will be compatible with FIDO U2F authentication standards. The aptly-named FIDO U2F Security Key will allow two-factor authentication with any online services supporting U2F standards.
U2F, which stands for Universal Second Factor, is a security standard established by the nonprofit FIDO (Fast IDentity Online) Alliance, whose mandate is “to address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords.” U2F essentially requires password authentication to be used in concert with a supported hardware ‘key’, so a device like Yubico’s FIDO U2F Security Key can be plugged into a user’s USB, tapped for authentication, and an online service supporting the standard can then authenticate the user with a password – even a simplified password, since there is already this extra factor of authentication with the physical key.
Significantly, Google Accounts will be one such service, having just made the announcement that FIDO U2F support will be added to its Chrome browser. It’s a big get for the FIDO Alliance and very good news for Yubico. Speaking on the development, the company’s CEO Stina Ehrensvard said, “This news can’t be overstated for anyone who desires better protection against hackers… Having a leading Internet browser adopt FIDO U2F signals the arrival of new and stronger options for authentication and security.”
It is indeed a big step forward for U2F standards, which are FIDO’s recommended alternative to its UAF (Universal Authentication Framework) standards, which basically require a security system that is passwordless, opting instead for biometric authentication and the like. With Yubico’s new product arriving right on the heels of Google’s announcement, the company may now be leading the charge for U2F hardware developers.