Universal Second Factor Device for Facebook

Facebook recently introduced the ability to use what they call a Facebook Security Key as a second factor of authentication to its site. In order to use this feature within Facebook, the user needs to own a universal second factor device, or U2F security key, to enable login approvals through the security section of their profile.

The universal second factor standard was created by Google and Yubico, and uses the FIDO protocol with standard public key cryptography to provide a secure second form of authentication.

A U2F security key is registered with a service, like Facebook, by approving it during the registration process. This is done by pressing the button on the universal second factor device when prompted, which starts the process of creating the second factor. This approval creates a key pair, in which the public key is sent to the online service and linked to the particular user's account. The private key is kept locally on the universal second factor device, and is never sent to the provider. This registration process creates the key pair for the second factor of authentication that is used each time during login going forward. Read the rest of my article at the link below:

http://searchsecurity.techtarget.com/answer/How-does-a-universal-second-factor-device-secure-Facebook-users