Hacker News new | ask | show | jobs
by LeonM 2816 days ago
It is a second factor, so the'll also need to know your password.

You will notice your key missing, then you can disable that key with your backup key. With only a password, it becomes a lot harder to notice someone stole your pw.
2 comments
icelancer 2816 days ago
Right. That also applies to N number of keys, too.
link
joesb 2816 days ago
The different is, if you have 1 U2F key, people who steal your U2F key gain access to one half of the two factors for ALL services you use.

With 4 U2F keys, people who stole 1 of your U2F keys gain that one factor for only the services that you tied to that keys.

link