Talk:Universal 2nd Factor

This is the talk page for discussing improvements to the Universal 2nd Factor article. This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Learn to edit; get help. Assume good faith Be polite and avoid personal attacks Be welcoming to newcomers Seek dispute resolution if needed Article policies Neutral point of view No original research Verifiability

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computing: Websites / Security Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject Websites (assessed as Low-importance). This article is supported by Computer hardware task force (assessed as Low-importance). This article is supported by WikiProject Computer Security (assessed as Mid-importance). Things you can help WikiProject Computer Security with: edit history watch purge Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Universal Authentication Framework

Latest comment: 7 years ago1 comment1 person in discussion

It will be helpful to include some mention of the Universal Authentication Framework also being worked on in association with the Universal 2nd Factor specification. See, for example: https://fidoalliance.org/approach-vision/ Thanks! --Lbeaumont (talk) 14:20, 4 June 2017 (UTC)Reply

Proposal for overview

Latest comment: 6 years ago1 comment1 person in discussion

It would be great if an overview of how U2F works could be included in the main article based on the spec from https://fidoalliance.org/how-fido-works/ - thoughts? Bobzy (talk) 22:09, 12 February 2018 (UTC)Reply

Multiple transactions in background

Latest comment: 5 years ago1 comment1 person in discussion

What prevents a U2F USB token from authorizing multiple transactions taking place in the background, does U2F impose restrictions? In case of a secureID , one has to manually authorize by keying in the correct pin , which changes everytime. The base FIDO spec enforces user intervention via fingerprint reader for every transaction etc. But the commercial ones do not.

When magnetic cards were launched in 80s too, magnetic card programmable kits were not easily available, but they are easily purchasable since the 90s. The same would apply to USB tokens not being programmable today but being programmable in the near future

— Preceding unsigned comment added by 122.167.152.69 (talk) 12:52, 26 July 2018 (UTC)Reply

U2F is a legacy protocol

Latest comment: 5 years ago3 comments1 person in discussion

Before I revert the previous edit, I'd like to hear from others. Is U2F a legacy protocol? I strongly believe that it is (and I have provided evidence of this in the article). Thoughts? Tom Scavo (talk) 17:30, 26 April 2019 (UTC)Reply

I will revert the previous edit on May 1 unless someone objects. Tom Scavo (talk) 23:30, 28 April 2019 (UTC)Reply

Reversion complete. Tom Scavo (talk) 16:38, 1 May 2019 (UTC)Reply

Keyboard

Latest comment: 1 month ago4 comments4 people in discussion

Under Universal 2nd Factor § Design it says that the devices emulate a keyboard. That doesn't appear to be the case from my use of one, and it doesn't say that in the webpage linked in the citation. What the source *does* say is that U2F devices use the HID protocol and, to explain what HID is, says that it's also used by keyboards, mice and joysticks. I think the editor who wrote that part has misunderstood the source.

I have added the "failed verification" template and, if there's no objection, I will remove the text "essentially mimicking a keyboard".

DDFoster96 (talk) 10:20, 6 October 2022 (UTC)Reply

The original article was likely confusing U2F with the proprietary Yubico OTP protocol which only requires one way communication and *does* emulate a USB HID keyboard: https://developers.yubico.com/OTP/ 2A02:ED04:3581:2:0:0:0:D001 (talk) 17:00, 29 September 2023 (UTC)Reply

I also think such an USB device emulates a chip card reader with a chip card inserted. That way it's much easier to establish a two-way communication (than with a keyboard)

--Uhw (talk) 13:21, 7 February 2023 (UTC)Reply

Bold 2A01:5EC0:5011:F7FB:1:0:9F18:23BA (talk) 08:45, 8 June 2024 (UTC)Reply