A Windows User’s Guide to Built-In U2F Authentication
Today, we’re excited to announce that Dashlane is collaborating with Intel to bring built-in Universal Second Factor (U2F) support to Dashlane’s password manager for Windows systems featuring the new 8th Generation Intel® Core™ Processors.
When we became the first and only password manager to introduce support for the FIDO Alliance’s U2F authentication with Yubico–creators of the YubiKey–in February 2016, we provided you with an innovative, simple way to add an extra layer of security and convenience over your passwords using a YubiKey. Today, we’re taking that a step further through our second collaboration with Intel- providing you with a secure and convenient authentication method that doesn’t require a second device.
This guide will quickly explain what U2F is, how it works, and how built-in U2F authentication will work with Dashlane on your PC.
What is U2F and how is it different from 2FA?
Let’s say you signed into your email account this morning and you were asked to enter your email address and password. Your password is considered a Single-Factor authentication. Two-Factor Authentication (2FA) is a feature that adds an additional “factor” to your normal login procedure to verify your identity using two of three possible identifiers: something you know (i.e. your password, PIN number, zip code, etc.) something you are (i.e. facial recognition, your fingerprints, retina scans, etc.), or something you have (i.e. a smart card, your smartphone, etc.).
On the other hand, Universal Two-Factor Authentication (U2F) is an advanced and open standard for two-factor authentication pioneered by the FIDO Alliance, a nonprofit association dedicated to advancing the security and convenience of online authentication. U2F uses public key cryptography to securely authenticate a user to a web service and helps prevent phishing attacks and hackers from stealing users’ credentials.
Because U2F is an open standard, companies like Intel and Yubico can create keys and hardware according to the U2F technical specification and have it accepted at all the places that accept U2F as a method of authentication–no client software required!
What are the advantages of U2F over common 2FA options?
The advantages of U2F combine the benefits of both security and convenience. As a growing number of Internet users are adopting two-factor authentication, so are the number of security concerns. For instance, last year, the US National Institute of Standards and Technology (NIST) stopped recommending the use of SMS-based two-factor authentication codes for due to several security concerns.
Instead, with U2F authentication, you’ll have protection against common cyber threats, including phishing, session hijacking, malware, and other attack methods that may attempt to breach your accounts. You’ll also have assured privacy. Since a U2F device is not connected to your real identity, like your smartphone or fingerprint, and as each authentication generates a new key pair, it is impossible for a U2F device to be correlated across different services or even across different accounts on the same service.
The second biggest issue with popular 2FA authentication methods is the inconvenience. For many 2FA users, picking up your smartphone, opening your Authenticator app, and entering that code in a different app before the 30 seconds expires, and repeating that process sometimes multiple times a day is a time-consuming and error-prone process. With U2F, you’ll have instant authentication to a number of online services, with no time-sensitive codes to re-type and no drivers to install.
How does U2F authentication work with Dashlane?
Last year, we were the first and only password manager to introduce support for U2F-enabled YubiKeys. YubiKeys are the leading multi-factor authentication device on the market and can authenticate your identity with a simple touch of a button. They’re lightweight, waterproof, require no batteries, and can be easily attached to your keychain.
Today, through our partnership with Intel, we’re adding another U2F authentication option to Dashlane–one that doesn’t require you to tap a security key, open a mobile authenticator app, or search for text message codes. With built-in U2F, you’ll simply need to click an on-screen button after entering your email and password into Dashlane. This button is invisible to anyone attempting an account takeover and serves as your built-in second factor of authentication. See how it works in the short GIF below.
To activate this feature, users will open the Security tab of your Preferences in the Dashlane app and make sure two-factor authentication is on. In the same tab, add a U2F security key. Dashlane will automatically detect your computer’s Intel U2F capabilities. You’ll be asked to activate the security key in a few simple steps. The next time you log into Dashlane on your Intel-powered PC, simply click on the button to verify you are on your computer.
When will this available on my PC device?
Built-in U2F support will be available to Dashlane Premium and Dashlane Business PC users with Intel’s new 8th Generation core processors, announced last week and hitting the market this fall.
I hope this guide answered several of your questions about our exciting new collaboration with Intel and our support for built-in U2F authentication.
Sign up to receive news and updates about Dashlane