We have covered some of the 2FA methods that can be enabled on your account, such as authenticator apps and SMS text messages. However, both of these methods are vulnerable to man-in-the-middle attacks, in which an attacker can intercept SMS messages to obtain your verification code. That is why this guide explains a different method of 2FA.
Another way to implement 2FA is Universal 2nd Factor (U2F). U2F was developed by Google and Yubico, the maker of hardware authentication keys known as Yubikeys. U2F uses physical hardware devices, such as USB or NFC keys, which are used to log in to your account after you provide your email and password.
To learn more about U2F devices such as the Yubikeys, here is a link to how Yubico describes the importance of U2F: Yubico on U2F and why it's important.
Here is an outline of the steps to take to enable U2F on your account using a security key:
- Log in to your Adafruit Account
- Navigate to "My Account"
- Under "My Account" select "Security and Privacy"
- In "Security and Privacy" select "Edit two-factor authentication settings"
- Enter a nickname for the security key you will be using and select "add credential"
- You will be prompted to verify your identity with accounts.adafruit.com; select the option "External security key or built-in sensor"
- You will then be prompted to insert your security key into the USB port of your computer; ensure you insert the key
- We used a Yubikey security key, which prompts the user to press down on the golden circle after it has been inserted and the light starts to flicker
- The nickname of your key will now appear, as well as the date it was added, in your 2FA settings
- Next time you log into your account you will be prompted to insert the same key you used in this guide into your computer's USB port and touch the key to log into your Adafruit account.
Now let's get started by signing into an Adafruit account and navigating to "Account Settings" as shown in the screenshot below:
The setting for enabling 2FA can be found under the Security & Privacy settings in your account. Continue by clicking on the "Security and Privacy" option highlighted in red in the image below:
In Security and Privacy, notice the green letters stating 2FA is enabled. You can revisit a previous tutorial to learn how to enable 2FA here
Continue by clicking on the text "Edit two-factor authentication settings", which is the second portion highlighted in yellow below:
You will be prompted to verify your identity with accounts.adafruit.com; select the option "External security key or built-in sensor"
You will then be prompted to insert your security key into the USB port of your computer. You will be instructed to touch your key after it has been inserted and is blinking a light
Ensure you insert the security key directly into one of the USB ports located on your computer. Once the key is inserted into the USB port, it should start blinking a light. If you do not see a blinking light, flip the key around, as it might have been inserted backwards. Once you see the blinking light, press the golden circle down with your thumb.
The nickname of your key will now appear, as well as the date it was added, under the "Add Security Key" section
When the key is successfully added you will see a prompt stating "Security key successfully added to your account" as well as the nickname of your key under the "Add a Security Key" section.
Next time you log into your account you will be prompted to insert the same key you used in this guide into your computer's USB port and touch the key to log into your Adafruit account.
Ensure you keep your key in a safe place as every time you log into your Adafruit account the physical key will be required to access your account.
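Added example, not Adafruit's code: a sketch of the server-side checks that tie a security-key login to the site named in the browser prompt (accounts.adafruit.com), which is the binding a relayed SMS or authenticator code lacks. It assumes the site uses the standard WebAuthn API behind that prompt; the helper names, the sample values and the `login.example.test` host are constructed, and the signature check against the registered public key is left out.

```python
import base64, hashlib, hmac, json

RP_ID = "accounts.adafruit.com"        # host named in the browser prompt
EXPECTED_ORIGIN = "https://" + RP_ID   # assumption: origin of the login page
CHALLENGE = bytes(range(32))           # constructed; a real server uses random bytes

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def check_assertion(client_data_json: bytes, auth_data: bytes, challenge: bytes) -> str:
    """Return "ok", or the reason the server must reject this login."""
    try:
        client = json.loads(client_data_json)
        if not isinstance(client, dict):
            raise ValueError("clientDataJSON is not an object")
    except ValueError:
        return "malformed clientDataJSON"
    if client.get("type") != "webauthn.get":
        return "wrong ceremony type"
    # Must be the single-use challenge this server issued for this attempt.
    got = str(client.get("challenge", "")).encode()
    if not hmac.compare_digest(got, b64url(challenge).encode()):
        return "challenge mismatch"
    # The browser, not the page, fills in the origin it is actually showing.
    if client.get("origin") != EXPECTED_ORIGIN:
        return "origin mismatch"
    # The key puts SHA-256(rpId) in the first 32 bytes of authenticatorData.
    if not hmac.compare_digest(auth_data[:32], hashlib.sha256(RP_ID.encode()).digest()):
        return "rpIdHash mismatch"
    return "ok"

def sample(origin: str, rp_id: str, challenge: bytes):
    """Constructed browser/key output for a login performed on `origin`."""
    client = json.dumps({"type": "webauthn.get", "origin": origin,
                         "challenge": b64url(challenge)}).encode()
    # rpIdHash (32 bytes) + flags (user present) + signature counter
    auth = hashlib.sha256(rp_id.encode()).digest() + b"\x01" + (1).to_bytes(4, "big")
    return client, auth

def demo() -> dict:
    other = "login.example.test"  # constructed stand-in for a proxy site
    real = sample(EXPECTED_ORIGIN, RP_ID, CHALLENGE)
    relayed = sample("https://" + other, other, CHALLENGE)
    stale = sample(EXPECTED_ORIGIN, RP_ID, b"\x00" * 32)
    return {name: check_assertion(*s, CHALLENGE) for name, s in
            [("real site", real), ("relayed", relayed), ("stale challenge", stale)]}

if __name__ == "__main__":
    print(demo())
```

A six-digit code typed into the wrong page verifies exactly the same when it is forwarded, whereas the response produced on another site carries that site's origin and is rejected here.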