Support FIDO U2F over USB and NFC.

[crocket]

Why you want U2F

• It authenticates a user via public key authentication between server and client. Stronger encryption than OTP.
• Public key authentication prevents phishing and man-in-the-middle attacks.
• There is no keyboard input, so it is not susceptible to keyboard loggers.
• A U2F device can generate a new key pair for each (web) application. Automatic generation of application-specific keys prevents websites from tracking you by the same public key.

Desktop (U2F over USB)

• Already implemented on chrome and opera.
• Available as an addon in firefox. U2F will probably be natively supported in firefox soon.
• According to https://developer.microsoft.com/en-us/microsoft-edge/platform/status/fido20webapis/, Microsoft hasn't started working on U2F, yet.

Mobile

U2F over NFC is currently supported via google authenticator on android.
However, U2F over USB is still possible if you connect a U2F key device to a smartphone via a USB cable.

Supported Web Services

• Google
• Facebook
• Github
• GitLab
• Etc
  • http://www.dongleauth.info/
  • https://twofactorauth.org/

[genofire]

Works on Firefox native (without addon) since Quantum (v57)
(should be default enabled in next release v60 - before over about:config)

Would be nice ;)

[jonasfranz]

@ all people interested in FIDO U2F

I've created a PR (#3971) to implement this feature.
I need more feedback regarding support under different operating systems and U2F devices. So if you own a FIDO U2F certified security key, please test if our implementation work for your setup.

Test instance: https://try.h.jonasfranz.software/

Please leave a comment under the PR (#3971) containing the name of your U2F device, OS and Browser (incl. version).