Posted on July 29th, 2018
During my Cyber Keynotes, I heavily preach the need for two-factor authentication (2FA), preferably with a Yubikey device. I have even been known to carry a few sealed units as giveaways when someone shows interest. This small USB device is required in order to access any of my accounts that support it. A username and password is not enough. This technology is the primary reason that Google has not had any of their employee’s accounts phished since 2017 (LINK). Until recently, the Chrome browser was required in order to use Yubikeys with some services, especially Google, Facebook, and Dropbox. While Firefox cannot log into a Yubikey protected Google account by default, we can make a small modification in order to allow it to function. The following steps will activate Universal 2nd Factor (U2F) within Firefox.
In the address bar, enter about:config
Agree to any warnings
In the search field, type security.webauth.u2f
Double click the entry to change to “True”
You can now navigate to GMail and other U2F optional services and use your Yubikey as you would in Chrome.
Filed under Security |