The Secret Security Wiki


Universal 2nd Factor

Universal 2nd Factor (U2F) is a protocol designed to enable online services to augment their traditional password-based authentication with a second factor of authentication that is presented via a USB device or NFC interface. The use of a local interface requires client applications – typically a web browser – to support U2F.

U2F is defined as part of Fast Identity Online (FIDO), a set of open technical specifications for mechanisms of authenticating users to online services that do not depend on passwords. FIDO authentication seeks to use the native security capabilities of the user device to enable strong user authentication and reduce the reliance on passwords.

Under the hood, FIDO uses asymmetric cryptography so that sensitive data such as secrets, biometric prints and images remain on the device at all times and are not transmitted to the authenticating service.
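The challenge-response described above, as an added Node.js example that is not code from the original page or from the FIDO specifications: the token keeps the private key and the service stores only a public key. The `makeToken` model, its per-app-ID key map and the `https://login.example` app ID are simplifying assumptions; the signed byte layout follows the U2F raw message format.

```javascript
const { createHash, generateKeyPairSync, randomBytes, sign, verify } = require('node:crypto');

const sha256 = (s) => createHash('sha256').update(s).digest();

// Bytes covered by a U2F authentication signature:
// SHA-256(appId) (32) || user presence (1) || counter (4, big-endian) || SHA-256(clientData) (32)
function signedData(appId, counter, clientData) {
  const ctr = Buffer.alloc(4);
  ctr.writeUInt32BE(counter);
  return Buffer.concat([sha256(appId), Buffer.from([0x01]), ctr, sha256(clientData)]);
}

// Hypothetical token model (assumption): private keys never leave this closure.
function makeToken() {
  const keys = new Map(); // appId -> { privateKey, counter }
  return {
    register(appId) {
      const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
      keys.set(appId, { privateKey, counter: 0 });
      return publicKey; // the only key material sent to the service
    },
    authenticate(appId, clientData) {
      const entry = keys.get(appId);
      if (!entry) return null; // no key registered for this app ID
      entry.counter += 1;
      const data = signedData(appId, entry.counter, clientData);
      return { counter: entry.counter, signature: sign('sha256', data, entry.privateKey) };
    },
  };
}

// Service-side check: the counter must advance and the signature must cover *this* challenge.
function verifyAssertion(record, appId, clientData, assertion) {
  if (!assertion || assertion.counter <= record.lastCounter) return false;
  const data = signedData(appId, assertion.counter, clientData);
  const ok = verify('sha256', data, record.publicKey, assertion.signature);
  if (ok) record.lastCounter = assertion.counter;
  return ok;
}

function demo() {
  const appId = 'https://login.example'; // constructed sample value
  const token = makeToken();
  const record = { publicKey: token.register(appId), lastCounter: 0 };
  const newClientData = () => JSON.stringify({ challenge: randomBytes(32).toString('hex'), origin: appId });
  const cd = newClientData();
  const a = token.authenticate(appId, cd);
  return { storedKeyType: record.publicKey.type, genuine: verifyAssertion(record, appId, cd, a),
    replay: verifyAssertion(record, appId, cd, a), // same counter presented again
    staleChallenge: verifyAssertion(record, appId, newClientData(), token.authenticate(appId, cd)) };
}
```

The service-side record holds a public key and a counter only, so a leak of that record exposes nothing that can produce a valid signature.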

FIDO defines two key protocols: (i) Universal Authentication Framework (UAF) Protocol, and (ii) Universal 2nd Factor (U2F) Protocol.