How to secure your accounts with U2F security key?

U2F is a new validation standard. U2F security key is small USB device. To login, you will not need to enter the authentication code provided from an application or SMS anymore, just insert the USB security key and click on that button. At this point, U2F only supports Chrome browser, and perhaps Microsoft is adding more to Firefox browser. Google, Facebook, Dropbox, and GitHub are accounts that allow you to use the U2F security key to secure your account.

1. What you need to have

To start the steps, you need to prepare:

- A FIDO U2F security key: According to Google's official document, users search FIDO U2F Security Key security key on Amazon and how to buy a FIDO U2F security key.

The search results were from Yubico, who worked with Google to develop U2F before joining another company. Yubico U2F security lock costs about $ 18.

- Google Chrome browser (or Opera): Currently, U2F is only supported on Google Chrome browser. Firefox browser may be supported, and Microsoft is working to add U2F to the Edge browser. So you will need Chrome browser to use U2F, it works on both Windows, Mac, Linux and Chrome OS. (Opera also supports U2F security key, because of the Google Chrome-based Opera platform.)

When signing in from a platform that does not support security keys, such as a mobile phone or a browser other than Chrome, you can authenticate otherwise. For example, you may have to enter the authentication code sent to your phone via SMS.

2. How to set up U2F for Google account?

Go to Google.com and sign in with your Google account. Click on the profile image in the top right corner of Google page and select My Account to view your account information.

Click Signing into Google on the My Account page, then click 2-step Verification or click on this link to access the page directly. Click on the Security Keys tab and click Add Security Key .

Remove the USB drive from the USB port (if you plug the USB drive into it). Click the Register button, then plug in the security key and click Register if it appears. Click Done and the security key will link to your Google account.

When you log in from a new computer, you will be asked to confirm using a USB security key. Just plug in the USB security key and click on the button on it when required.

If there is no security key or you are logged in on a device or the browser does not support U2F, you can confirm using SMS or some other solution to configure your Google account security. .

Readers can refer to the steps to protect your Google account with USB "security key" here.

3. Set U2F for Facebook account

To activate the U2F security key for your Facebook account, visit the Facebook home page and then log in to your Facebook account.

Click on the arrow icon in the top right corner of the page, select Settings , then click Security in the left corner of the Settings page, then click Edit in the right pane of the item. Login Approvals (review login).

Or you can click on this link to directly access the Login Approvals page.

Click the Add Key link in the right pane of Security Keys to add the U2F security key to the authentication solution. In addition, you can add a 2-step verification solution here, including receiving a confirmation code via SMS or voice call.

Insert the U2F security key into the USB port on your computer and click the button on it if required. You may have to enter a name for the security key.

Once done, click on ' Enable Two-Factor Authentication ' to request the login security key.

When logging in to Facebook in the future, you will be asked to insert a USB security key to confirm. In addition, you can click the link Use a different method and select the other 2-step confirmation solution to activate.

For example, you can receive a confirmation code via SMS sent to your phone in case there is no USB security key.

4. Set U2F for Dropbox account

To set up U2F for your Dropbox account, you access the Dropbox homepage and log in to your account.

Click on your name in the top right corner of the page, then select Settings then select the Security tab. Alternatively, you can click this link to directly access the account security page.

If you haven't activated 2-step verification, click the Enable link to enable 2-step verification.

You will have to set up or verify via SMS or a mobile authentication application, such as Google Authenticator or Authy before adding a security key. This is for backup in the event of a bad situation.

Download Google Authenticator to your device and install it here:

1. Download Google Authenticator for Android here.
2. Download Google Authenticator for iOS here.

Download Authy to your device and install it here:

1. Download Authy for Android here.
2. Download Authy for iOS here.

Once completed or if you have enabled 2-step verification, click Add next to Security keys.

Click to perform the steps on the screen, insert the USB security key and click on the button on it when required.

During the next Dropbox login on Chrome browser, you will be asked to insert the USB security key. If the browser does not support USB security key, you can use the confirmation code sent to the system via SMS or authentication applications on your mobile phone.

5. Set U2F for GitHub account

To set U2F for GitHub account, you visit GitHub page, login account and click on profile picture in the top right corner of the page. Click Settings , then click Security . Or you can click this link to access the Security page directly.

If you haven't activated 2-step verification, click Set up two factor authentication and go through the steps. With Dropbox you can set up 2-step verification using a confirmation code via SMS sent to your phone number, or via authentication application.

If you have enabled 2-step verification, click the Edit button.

On the 2-step verification page, scroll down to find and click Register new device at Security keys .

Enter a name for the security key, then click Add , then insert the USB drive and USB port on the computer and click the button on it.

You will be asked to insert a USB key and click on that button every time you log in to GitHub. If there is no USB key you can confirm by SMS or authentication application.

Refer to some of the following articles:

1. Using USB to lock or unlock Windows computer, have you tried it or not?

1. Instructions for setting up BIOS and UEFI passwords to protect data on your Windows 10 computer safely

1. Configure the "brain damage" PIN to log on to Windows 10

Good luck!