Enabling U2F in Firefox

1 minute read

I highly encourage everybody to use two factor authentication whenever possible. I myself even use a hardware key when I can. I chose to buy a Yubikey by Yubico.

It not only holds my GPG key, which I use to sign and encrypt emails, but also all my One Time Passwords (OTP). Normally you would need a separate app to hold your OTP tokens, but having them on the Yubikey means I can retreive them on my laptop as well as my phone.

There are a growing number of sites that support the Yubikey to provide something called the Universal 2nd Factor. This standard is supported out of the box by Google Chrome. You go to your U2F capable website, enter your username and password and the website will ask you to “press” the Yubikey. You then put your finger on the key and an exchange will happen between the key and the website, providing it with your 2nd factor.

As I tend to use Firefox instead of Chrome it would be very nice if it would just work with Firefox as well. Turns out the U2F support is turned off by default in Firefox Quantum. You need to go to your configuration section, about:config, accept the warning about “warranty” and search for u2f. Double click the security.webauth.u2f line to enable it.

Turn on the U2F support in Firefox

Another problem solved!