Today, Google announced a new G Suite feature that allows admins to lock down accounts so they can only be accessed by users with a physical USB security key. The FIDO U2F Security Keys have been supported on G Suite and regular Google accounts since 2011, but now new security controls allow admins to make the keys mandatory for anyone who tries to log in.
Universal 2nd Factor (U2F)—initially developed by Google and Yubico—is a standard from the FIDO Alliance that allows a physical device to work as a second factor of authentication. After entering your username and password, you'll have to connect your device to your physical authentication key. The keys can support USB, NFC, and/or Bluetooth, allowing them to connect to desktops, laptops, and smartphones. Many services support U2F, like Dropbox, GitHub, Salesforce, Dashlane, and others. The Chrome and Opera browsers support U2F, along with Android and Windows smartphones. Modern iOS devices don't work with the standard, but Google appears to have some kind of workaround.
Are any Soylentils out there using U2F and if so, how's that working for you?
Source: ArsTechnica
(Score: 3, Insightful) by ticho on Sunday February 26 2017, @11:35AM (9 children)
As long as the standard is open, which it seems it is, it's not really a browser lock-in.
(Score: 1, Troll) by richtopia on Sunday February 26 2017, @12:30PM (5 children)
Currently I'm imagining that the "open standard" includes something that looks like:
(Score: 1) by jrial on Sunday February 26 2017, @12:34PM (4 children)
Install windows on my workstation? You crazy? Got any idea how much I paid for the damn thing?
(Score: 1) by Scruffy Beard 2 on Sunday February 26 2017, @04:14PM (3 children)
You have no idea how the IT industry works. Perhaps you should refrain from commenting on it, lest you make yourself look like a fool.
--
Install windows on my workstation? You crazy? Got any idea how much I paid for the damn thing?
You sig is ironic in this context.
For a while Microsoft was (or people recommending Microsoft were) jumping on the "cross platform" bandwagon with ActiveX apps that "run in the browser" See? it runs on Windows 98, 2000, XP, Vista...
(Score: 1) by jrial on Sunday February 26 2017, @08:26PM (2 children)
Install windows on my workstation? You crazy? Got any idea how much I paid for the damn thing?
(Score: 1) by Scruffy Beard 2 on Monday February 27 2017, @07:12AM (1 child)
I may have been mis-interpreting a mangled version of this [microsoft.com].
Until just now, I had not idea the ActiveX was supposed to be cross-platform in the literal, Java-like, sense.
Presumably those plans got scuttled when people either realized that ActiveX was a horrid idea; or they wanted to tie Internet Explorer to the OS so that it could not be uninstalled.
(Score: 1) by Scruffy Beard 2 on Monday February 27 2017, @07:22AM
Re-checking the link in Parent, I noticed it only talked about Internet Explorer being cross-platform, not ActiveX being cross-platform.
ActiveX [wikipedia.org] pointed me to "ActiveX technology: You can't go there today". InfoWorld. [google.com] May 19, 1997. pp. 90 ff.
(Score: 2) by rleigh on Sunday February 26 2017, @02:33PM (2 children)
Definitely frustrating though. I ended up switching to Chromium for this feature. No idea why they can't implement it, since it has open libraries and is very useful.
(Score: 1) by jrial on Sunday February 26 2017, @02:53PM
Install windows on my workstation? You crazy? Got any idea how much I paid for the damn thing?
(Score: 3, Funny) by ticho on Sunday February 26 2017, @03:47PM
Or you could just implement it yourself. You know, open source and all. :)