Using your iphone/android as a U2F-FIDO key

[belham2]

For those that are security-minded and also have been involved/using U2F-FIDO with their accounts & email, you might be interested in these two things:

https://nakedsecurity.sophos.com/2019/1 ... ntication/

https://www.macworld.com/article/351450 ... y-key.html


Personally, I've been using U2F-FIDO (physical security keys) to lock down my email accounts for over 4 years now, and it is the single best thing I ever did. The only pain in the butt was always integrating with phones, especially iphones. Androids always (at least for me) have worked smoother in this regard, but never on my iphones/ipads.

Well, this obstacle has been removed by Apple, and the first shot across the bow in this coming ocean wave is, of course, Google. I successfully tested using one's own iphone's built-in security module (just like a physical U2F-FIDO key I also use) as per the above article. It's fantastic and a sign of further things to come, for both IOS and, of course, Android.

Now, when I'm on my (any) laptops and/or Ipads, and I don't happen to have one of my U2F-FIDO physical keys on me, I just use my iphone, and voila', it becomes the 2FA security key allowing me and only me to access my email accounts.


As I've mentioned in the past here, utilizing the free AP (Advanced Protection program) in addition to U2F-FIDO keys on your email/online account(s), there currently is no greater security within the email/online account world(s)---and this includes singular services like ProtonMail, etc, etc.