[talkingtab]

Just to be clear, "Yubikey" is a brand of FIDO key. See: https://fidoalliance.org. You can find other brands which in my experience, are just as functional but often less expensive. I have a yubikey, one from hyperfido and most interesting is the open source 'U2F zero'. All of them work equally well. Unless MS has a non-standard implementation or does not use FIDO, then any FIDO would work.

[subway]

If we really want to be clear, a Yubikey is a token capable of running applets including, but not limited to FIDO U2F. Other applets commonly used include PIV (pkcs11), OpenPGP, OATH, and Yubi's own OTP applet.

[j_s]

This is the part I don't understand... the Yubikey U2F-only option (1/2 the price) is not listed as supported by this application.

As best I can tell, U2F as it is used today isn't supported by Windows Hello; this is a custom app to support the more advanced Yubikey products.

Apparently there is some v2 of U2F coming down the pike that vendors are waiting for before implementing support; however, I couldn't find much information on how this currently affects Windows Hello:

https://groups.google.com/a/fidoalliance.org/forum/#!topic/f...

[nickik]

Windows Hallo will usr FIDO 2.0 but this is just a normal HMAC ChallengeResponse, not FIDO.

[mongol]

No it is not. There are yubikeys that implement U2F but Yubikeys also provide more. In this case, their specific U2F key is not listed as requirement. So this is most likely not implemented using U2F.

[chaz6]

I have a Yubikey 4, a Plug Up key (pu1.fr/sk though seems to be awol) and a Fidesmo nfc card for my phone. Annoyingly the nfc card works fine with github, but Google says it is not supported on my device.

I hope that someone adds support for using U2F with windows accounts.

[rcm239]

This YubiKey implementation is not FIDO U2F - it is using a challenge and response technique with HMAC-SHA 256 – here is a bit more detail from Microsoft https://msdn.microsoft.com/en-us/windows/uwp/security/compan...