FEITIAN: How is a FIDO U2F security key different from password?
Your standard login credentials including password starts the process, but the physical key is required for access to the account. Standard password verification is based on personal knowledge, typically a sequence of letters, numbers or symbols. However FIDO U2F verification adds a detail and requirement based on what a person physically has in their possession, the FIDO U2F security key. It creates an added layer of security, an encrypted device unable to be hacked, hijacked, phished, or spoofed. It's a more fool-proof way of confirming identity and best described by Google;
“Security Keys are mandatory at Google, they provide superior protection against phishing not possible with many alternative two factor authentication solutions.” - Christiaan Brand, Product Manager for Security and Identity at Google, eWeek.
Leave a comment
Please note, comments must be approved before they are published