9/28/2023 0 Comments Gmail u2fU2F has been adopted by large services such as Gmail, Facebook, Dropbox, and GitHub. The U2F standard was developed by Google and Yubico and is championed today by the FIDO Alliance, an open industry association focused on reducing the world’s excess dependence on passwords. U2F, while still considered a multi-factor authentication method, is much stronger than traditional MFA methods such as security questions or one-time passwords, which can be stolen or intercepted. It’s the addition of something a user has (physical security key) with something the user knows (password). One of the available U2F devices comes with 10 year warranty already.U2F (Universal 2nd Factor) is a universal authentication standard that provides an additional layer of security for online accounts. Then each of the security token devices can last much longer. Notice also a significant flexibility detail between the two standards, where the latter does not require time stamp, meaning that the U2F standard supports security tokens that not need a battery. It seems that it is just a matter of a feature decision for the TFA module to also support U2F. Therefore, I think it would be good if not only support (require) TOTP, but also the U2F standard, which seems to be THE way forward. When many people now can use the same 2FA security token to secure their accounts with both Google, Paypal, Alipay, etc., as well as also easily for their individual Drupal sites using a Drupal contrib module, then I would think it be wise to avoid forcing people to choose between two different standards. the FIDO alliance supporting members list: I think should also have support for the "U2F" ("Universal-Two-Factor") authentication standard that earlier this year was established by the FIDO alliance. Ok, so maybe the TFA_basic module is the right place for this feature request.įYI - Ref.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |