Using U2F Security Keys for MFA to Cloud Applications


As the world’s distributed organizations look to tighten security practices across their remote workforces’ application access, many find that multi-factor authentication (MFA/2FA) provides consistent benefits. Depending on the type of MFA used, however, employees working from home may experience friction that administrators can’t support in person. 

Universal second factor (U2F) security keys, like Yubikey, provide a simple end user experience that ships to remote employees. By combining them with a cloud directory service, IT admins can enable secure access with MFA to cloud applications.

How U2F MFA Works

As a practice, MFA is self-explanatory: a user must present multiple factors upon login when authenticating to a service. These factors are colloquially described as something you have (a smartphone app or physical key) and something you know (a username/password credential pair).

In use, many popular U2F keys are USB-based, plugging into an available port on their laptop. When logging in to a cloud application, end users simply push a button on the key after entering their credentials to authenticate.

Read more…