U2F device


U2F device is an Authenticator, specifically, a FIDO Authenticator that supports the Universal Second Factor FIDO protocol

U2F device, technically, is only supported for Multi-Factor Authentication (MFA) and not Passwordless Authentication as in CTAP2 and WebAuthN

U2F device interface types#

At the moment (2017-04-02) three interface types are specified in FIDO U2F. Unlocking is a test of user physical presence and requires a token-specific Authorization Gesture, such as pushing a button on a USB device, tapping a U2F device to an NFC-enabled device such as a mobile phone or tablet, or pressing a button on a BLE-enabled token or fob.

The user can use the same FIDO U2F device on all online services that support the U2F device protocol.

U2F device and WebAuthn Authenticator#

Existing FIDO U2F Security Keys are largely compatible with the Web Authentication API standard, though Web Authentication API added the ability to reference a unique per-account "user handle" identifier, which older hardware tokens are unable to store. Authenticators that only support the ยง8.6 FIDO U2F Attestation Statement Format have no mechanism to store a user handle, so the returned userHandle will always be null.

More Information#

There might be more information for this subject on one of the following: