Enable javascript in your browser for better experience. Need to know to enable it? Go here.

U2F

Last updated : May 05, 2015
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar. Understand more
May 2015
Assess ?

Securing online accounts is at the same time extremely important and notoriously difficult. Two-factor authentication does greatly increase security and we have recommended TOTP as a good solution. A new entrant in this field is Universal 2nd Factor ( U2F ), a solution based on public key cryptography and inexpensive USB hardware tokens. While developed at Google, it has now become a standard managed by the FIDO Alliance. We do like the promise of better protection against phishing and man-in-the-middle attacks, but are concerned because the standard currently references a specific elliptic curve digital signature algorithm that is considered to be flawed.

Jan 2015
Assess ?
Published : Jan 28, 2015

Download the PDF

 

 

English | Español | Português | 中文

Sign up for the Technology Radar newsletter

 

Subscribe now

Visit our archive to read previous volumes