Universal second-factor, or U2F, is a new standard for universal two-factor authentication tokens. These tokens use USB, NFC, or Bluetooth to provide two-factor authentication across a variety of services. Chrome, Firefox, Opera, Facebook, Dropbox, and even GitHub, as well as Windows and OSX, already support U2F authentication.
The FIDO Alliance, which includes members like Google, Microsoft, PayPal, American Express, MasterCard, VISA, Intel, ARM, Samsung, Qualcomm, Bank of America, and many other industry leaders, backs this standard.
To clarify, universal second-factor is just a physical key that you plug into a USB port on your computer. The U2F device, like the key to your car our house, then unlocks digital assets like an operating system, Gmail applications, or social media sites via key encryption. Remember that without the physical key, no one can access your account. In other words, using universal second-factor authentication means that hackers and key loggers cannot steal your passwords because the U2F encrypts the data.
But perhaps the best thing about universal second=factor authentication is that it doesn’t require the storage of personally identifiable information. Its minimal storage requirements are precisely why you can use the same key for multiple accounts without compromising security.
If a U2F key becomes misplaced or stolen, it doesn’t matter where it lands or who ends up with it. No one can pull private information from the key because the U2F key does not store personal information. In other words, there is nothing to tie that key to you.
U2F keys are relatively inexpensive (less than $20 in most cases). Therefore, we can expect universal second-factor security tokens everywhere very soon.