Quote:
Originally Posted by pjwalsh
U2F and app-specific passwords are great advances in FM login security.
|
I'm of the opinion that its more secure and and more user-friendly than any other consumer-grade two-factor out there. I've been
telling anyone that will listen and we're hoping to do more presentations about U2F in the future.
Quote:
Chrome supports U2F, Firefox does not.
Sadly, Mozilla has yet to implement U2F support.
Others might list other browsers that support U2F.
|
All Chromium-based browsers should support it (Chromium, Chrome, Opera, Vivaldi, etc).
There is an extension for Mozilla, but no native support yet. I'm told that there are Mozilla engineers interested in it, but its currently quite difficult to do securely in Mozilla due to the lack of sandboxing. I'm sure they'll get there in time.
Quote:
Amazon links for U2F capable keys:
|
We've tested with U2F devices from Hypersecu, Feitian, Neowave, Happlink and Nitrokey. At 9 euro the
Nitrokey U2F is the cheapest one we've found, so it's certainly not expensive to get started.
Of course we'll continue supporting TOTP and other methods for the forseeable future.