[danielpal]

Founder of Authy here. I've been thinking a lot about this lately and came to the conclusion that the only sensible way to do 2FA are U2F hardware key's. Here's why:

First, SMS 2FA. People think SIM port is uncommon, its not (i saw thousands of cases). Your cellphone number its public information - pretty much - and its not a technically difficult attack, you just need to convince a carrier to do it. Once the your SIM is migrated to the hackers possession he will hack into all your accounts before you even realized what happened.

Second, TOTP. I founded Authy with the idea that TOTP was strong enough and it is, technically, but in the wild deployments have lots of issues. Biggest one is people constantly change/loose their phones. So you end up with a update issue. At Authy we solved it by encrypting the seeds and storing them on the cloud. But today most users just copy the QR-Code, or store their TOTP key along with their passwords in the password manager. Storing your TOTP in your password manager completely defeats the point of TOTP, it just provides you with a false sense of security. Lastly, because it generates a lot of support issues when people loose their phones, services have added ways to bypass 2FA in their account recovery flows. You'll see backup codes or simply SMS as a recovery mechanism. This means your TOTP is as safe as SMS if your recovery allows it. TOTP today is so misused its just providing a false sense of security.

Third, U2F Hardware tokens. Its finally possible to do U2F to the iphone via Bluetooth and Feitan now has a key that supports it (Google sells one for project Titan). You can buy 2 keys for $50 dollars. It's impossible to missuse U2F tokens - you can't unsafely back-them up, you can't "screenshot them", etc, hardware enforces their security. They are 100% un-phishable, its impossible to trick a user into signing a login on a fake site - the key will simply not sign it, and there is no way for the user to make an "exception"(like you can if the SSL cert is invalid.). Also given the price and form factor is easy to buy 2 or 3 and have a few stored as backups. In my case I have 4 keys, 2 that I use on daily basis, and 2 I stored as safe backups. If I were to loose 2, there is no way of knowing they belong to me and tie them back to my account and I would just use the backup keys to logon, remove the lost keys and buy 2 more. No unsafe recovery keys, no unsafe backups. All my 4 keys are the exact same level of security.

Lastly, now Android allows you to use your android as 1 U2F key(new androids have secure hardware enclave specifically for this), so essentially all that users would need to do is buy 1 hardware key as backup.

If you are a service provider, I hope you consider about offering the ability to use U2F keys as secure login mechanism and enforce minimum 2 keys need to be registered - then you disable any other recovery mechanisms. THIS IS THE RIGHT WAY TO DO 2FA in 2019.

[sufficient]

I came to a similar conclusion: U2F hardware is the way to go. For some people, smartphones are becoming the only device they use. However, I am not fully convinced of using the device itself as a U2F key. Then it's no longer a two-factor solution. Thus, I envision the use of U2F hardware with mobile devices as the future of authentication.

Unfortunately, it is still difficult to find the NFC "sweetspot" at the back of your phone. At Cotech, we work on a Hardware Security SDK that solves this and works independent of Google Play Services. It brings support for U2F Hardware over NFC and USB to Android phones: https://hwsecurity.dev/fido/

[imiric]

Thanks for your input, and for Authy. I was a long-time user until I recently switched to an open-source alternative.

> Third, U2F Hardware tokens. Its finally possible to do U2F to the iphone via Bluetooth and Feitan now has a key that supports it (Google sells one for project Titan).

Would you still recommend a Bluetooth key given the recently found vulnerability[0] in the Feitian/Titan? The initial criticism from Yubico[1] seems to suggest it's an inherent limitation of the BLE protocol.

[0]: https://security.googleblog.com/2019/05/titan-keys-update.ht...

[1]: https://www.yubico.com/2018/07/the-key-to-trust/

[pat2man]

Laptops also often have a secure enclave now, so they could be a second device. Chrome on TouchBar MacBook Pros supports U2F this way.

[srfilipek]

> They are 100% un-phishable, its impossible to trick a user into signing a login on a fake site

Maybe 99.999% un-phishable. There have been kinks in the certificate chain in the past that have lead to improperly issued certs.

[programd]

This is the most insightful post in the entire thread. Thank you for that.

Most of the discussion here is about TOTP, which at this point is like arguing about the beautiful plumage of the dead parrot. TOTP for professional 2FA is a walking corpse, pushing up the daisies, wouldn't squawk if you put 10K volts through it [1]. If you're a company seeking to secure your infrastructure all your employees and contractors should be using U2F hardware keys to access your network. Period, end of discussion. Same for admin access to any external SaaS dependencies - and you should be loudly complaining if your SaaS does not yet support hardware keys.

And if you're a startup and even a solo developer, start looking at supporting WebAuth so you're not caught with your pants down later, especially if you want to sell to other businesses.

Business to consumer TOTP is a more complicated issue. The future is clearly hardware keys, tied to devices like phones, but the support is not yet all there. So you're going to have to support TOTP for a while yet, since it's better then bare passwords. But you should be making plans to move to hardware U2F ASAP, and the earlier you do it the easier the transition will be later when you will have to mandate it for all your users for liability and CYA reasons.

The looming shadow over all this is account recovery, which is not a solved problem in Business to Consumer space (IT/HR can sort you out to get back on your corp network if you lose your keys). There are too many implementations and all of them have flaws. There's little consensus on how to do it and all of the recovery methods can be misused or abused. If you lose your house keys you go to a locksmith who's usually bonded (in the US) and generally not a crook. Who do you go to if you lose all you hardware keys?

And of course there's a cost to users to having multiple hardware keys, which at $25 a pop will not fly with consumers. These things need to be basically free (your phone) or comparable to the cost of your house keys (for backups) for mass consumer uptake.

Bottom line, U2F hardware keys are the future of authentication. Learn to love and support them.

[1] https://www.youtube.com/watch?v=vZw35VUBdzo