by cameldrv 2485 days ago
IMO binding to the hardware is not a huge security benefit. Suppose you have a security key that can auth to service X and then your device is compromised. The attacker can install malware that will simply wait until you auth that service, and then just make it look like your web browser crashed and hijack the session. The difference between having the private key and having an authenticated session is marginal.

OTOH, the anti-phishing/shoulder surfing benefits of U2F are substantial and eliminate the ability to perform very common attacks. This is a great piece of software.

4 comments

What's the difference between software U2F and software password manager that auto-fills TOTP tokens?
Sure, that's one threat scenario, but aren't there others?

It seems like a hardware key helps when using a machine temporarily, and it gets compromised after you use it.

Hardware-based is of course better, but if we're comparing "hardware-based OTP" and "software-based U2F", the latter is better for practically everyone.
Hijacking the session can be a lot harder (especially if the site has defenses built to detect that) than stealing a key. The access is also a lot less persistent.
Pass-the-cookie attacks are problematic (e.g., in case someone already has root access, which is the concern here).

A hacker will just wait until after auth and steal your cookies.