U2F is part of the FIDO Alliance and is designed to allow online services to augment the security of their existing password infrastructure by adding a strong second factor to user login. The user logs in with a username and password as before. The service can also prompt the user to present a second factor device at any time it chooses.

The strong Multi-Factor Authentication (2FA) allows the service to simplify its Passwords (e.g. 4–digit PIN) without compromising security.

U2F originally developed by Google and Yubico became a FIDO standard alongside the original FIDO UAF.

U2F really has two parts a JavaScript API (now WebAuthN) for Relying Party to browser and a browser to authenticator potion both were called U2F but now the Client To Authenticator Protocol (CTAP2)

U2F Authenticators when used with WebAuthN SHOULD only allow usages as 2FA and not as primary Authentication

More Information#

There might be more information for this subject on one of the following: