How can we improve the Microsoft Edge developer experience?

U2F support 2 factor

Please add support for FIDO Universal 2nd Factor Authentication. They hardware tokens are very affordable, and add substantially more login security to virtually unlimited websites. More information is available at https://www.fidoalliance.org or https://www.duosecurity.com/u2f

69 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    We do not plan to support FIDO U2F. Instead, we are working towards support for FIDO 2.0 Web APIs which supports similar 2FA scenarios and will be integrated with Windows authentication methods via Microsoft Passport (e.g. biometric devices via Windows Hello, or PIN).

    https://dev.windows.com/en-us/microsoft-edge/platform/status/fidou2f

    https://dev.windows.com/en-us/microsoft-edge/platform/status/fido20webapis

    https://technet.microsoft.com/en-us/library/dn985839%28v=vs.85%29.aspx

    5 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anthony GrimesAnthony Grimes commented  ·   ·  Flag as inappropriate

        So you're going to do what Windows has historically done and roll your own half-assed standard nobody will use? Well, there goes any chance of a yubikey user using your browser. Chrome it is!

      • Marvin AddisonMarvin Addison commented  ·   ·  Flag as inappropriate

        I'm a software developer at a large public US university and U2F tokens have proven very popular in our 2-factor deployment for reasons of both security and convenience. I think it's fair to say that it's a substantial deployment of U2F, so hopefully it moves the needle at least a little in terms of deployment base. I hope Microsoft will reconsider if it reaches what they consider critical mass.

      • Adam BranomAdam Branom commented  ·   ·  Flag as inappropriate

        I am incredibly disappointed in the choice to not support U2F. Utilizing a third party token which can include some assurance of actually utilizing a hardware device instead requiring people to make use of Windows Hello is extremely myopic. We currently use Smart Cards but these are not exactly well supported and would like to move to a more modern approach for both employees and outside customers and U2F seems like it could really fill this gap. While Windows Hello may be one acceptable form, U2F tokens cover a large area of scenarios that I do not think Windows Hello can cover. Will Windows Hello even work with other browsers? I know it's not the Edge team's job to develop this but is the plumbing even in place in Windows so that Chrome and FireFox can support Windows Hello? U2F is a real standard that is in use today in multiple browsers and is planned in more and the decision to skip this seems extremely shortsighted. Please reconsider.

      • MarqMarq commented  ·   ·  Flag as inappropriate

        @Admin nice! Will support also be backported to IE12? Do you have a rough guess when this will hit production?

      Feedback and Knowledge Base