A hardware-based two-factor authentication standard using physical keys for phishing-resistant login.
U2F uses hardware security keys (e.g., YubiKey) to provide strong second-factor authentication via USB/NFC. It’s resistant to phishing because the key validates the origin before completing authentication.
"After enabling U2F on her exchange account, Maria authenticates by touching her security key; attempts on fake domains fail because the key refuses to respond."
Modern WebAuthn/FIDO2 expands on U2F with passkeys and passwordless flows, though U2F keys remain widely supported and valuable as a second factor.
"The team issues FIDO2 keys to staff and requires phishing-resistant MFA for administrative dashboards."
All terms and definitions may update as the Cryptionary improves.