How can we improve the Microsoft Edge developer experience?

U2F support 2 factor

Please add support for FIDO Universal 2nd Factor Authentication. They hardware tokens are very affordable, and add substantially more login security to virtually unlimited websites. More information is available at https://www.fidoalliance.org or https://www.duosecurity.com/u2f

69 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    We do not plan to support FIDO U2F. Instead, we are working towards support for FIDO 2.0 Web APIs which supports similar 2FA scenarios and will be integrated with Windows authentication methods via Microsoft Passport (e.g. biometric devices via Windows Hello, or PIN).

    https://dev.windows.com/en-us/microsoft-edge/platform/status/fidou2f

    https://dev.windows.com/en-us/microsoft-edge/platform/status/fido20webapis

    https://technet.microsoft.com/en-us/library/dn985839%28v=vs.85%29.aspx

    10 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Jacob V. Rasmussen commented  ·   ·  Flag as inappropriate

        I came here to see the status of U2F on Edge. I'm very dissapointed that Microsoft doesn't deem the standard 'worthy' of implementation.
        It works great on Chrome, and I tested it on Firefox, which seem to be up to par also.
        Please implement this, so it can be a more widely used standard today. People are using it already.

      • Dave T commented  ·   ·  Flag as inappropriate

        Come on guys, this is silly. I was hoping you might stop ignoring useful, commonly implemented standards with Edge. Welcome to IE all over again...

      • Brian Ronald commented  ·   ·  Flag as inappropriate

        U2F is part of my daily life. I use it to authenticate myself to several services, including social networks and some private systems. My choice of browser is predicated on U2F support. Needless to say, I'm not currently using a Microsoft browser.

      • anonymous_2 commented  ·   ·  Flag as inappropriate

        It would be nice if you guys add support for FIDO U2F, not just to be used with Microsft Edge, but also to outlook as second factor for e-mail.

      • Anthony Grimes commented  ·   ·  Flag as inappropriate

        So you're going to do what Windows has historically done and roll your own half-assed standard nobody will use? Well, there goes any chance of a yubikey user using your browser. Chrome it is!

      • Marvin Addison commented  ·   ·  Flag as inappropriate

        I'm a software developer at a large public US university and U2F tokens have proven very popular in our 2-factor deployment for reasons of both security and convenience. I think it's fair to say that it's a substantial deployment of U2F, so hopefully it moves the needle at least a little in terms of deployment base. I hope Microsoft will reconsider if it reaches what they consider critical mass.

      • Adam Branom commented  ·   ·  Flag as inappropriate

        I am incredibly disappointed in the choice to not support U2F. Utilizing a third party token which can include some assurance of actually utilizing a hardware device instead requiring people to make use of Windows Hello is extremely myopic. We currently use Smart Cards but these are not exactly well supported and would like to move to a more modern approach for both employees and outside customers and U2F seems like it could really fill this gap. While Windows Hello may be one acceptable form, U2F tokens cover a large area of scenarios that I do not think Windows Hello can cover. Will Windows Hello even work with other browsers? I know it's not the Edge team's job to develop this but is the plumbing even in place in Windows so that Chrome and FireFox can support Windows Hello? U2F is a real standard that is in use today in multiple browsers and is planned in more and the decision to skip this seems extremely shortsighted. Please reconsider.

      • Marq commented  ·   ·  Flag as inappropriate

        @Admin nice! Will support also be backported to IE12? Do you have a rough guess when this will hit production?

      Feedback and Knowledge Base