Overview#Universal Second Factor Challenges
Support for Universal Second Factor Challenges#There is limited Website or other on-line server support for Universal Second Factor Challenges.
Universal Second Factor Security Keys are supported by Google Chrome since version 40 and Opera since version 40. Universal Second Factor security keys can be used as an additional method of two-step verification on online services that support the U2F protocol, including user will not be able or willing to perform Credential Enrollment using Universal Second Factor. The process involves several steps and the steps are not something the typical user would perform. Some of these include:
- Enrollment of the Universal Second Factor device.
- Fears about loss or unavailability of the Universal Second Factor device.
- Backup Codes
Backup Codes#When using any Authentication Factors there need to be a Credential Management method. What we have experienced with Universal Second Factor has been:
- Use an different Authentication Factor to obtain access to the account. So often you have a One-Time Password System as an Authentication Factor
- A set of one-time backup authentication codes
The issues with the a set of one-time backup authentication codes is that either the person is unwilling or unable to save the codes in a Secure location or they are unable to obtain access or find them when needed. To store them in a secure place, requires some tool similar to a Password Management Application, which is the kind of thing we are trying to eliminate.