You can bind a Universal 2nd Factor (U2F) security key to your Alibaba Cloud account. This enables secondary authentication for logon and improves your account security. This topic describes how to bind and unbind a U2F security key.
What is U2F?
U2F is an open authentication standard hosted by the Fast IDentity Online (FIDO) Alliance. It provides a drive-free, universal method for strong second-factor authentication, adding an extra layer of security beyond your username and password.
After you enable U2F, logging on to Alibaba Cloud requires two steps:
Primary authentication: Enter your account name and password.
Second-factor authentication: Insert your U2F device and verify your security key.
Using U2F provides strong protection against account compromise resulting from brute-force attacks or security vulnerabilities.
Before you start
You can only use a U2F security key for logon verification on a PC; mobile is not supported.
The U2F security key feature is in public preview. If you bind a U2F security key but are not prompted for U2F authentication at logon, your account is not yet included in the public preview.
If you cancel the U2F authentication prompt, you must refresh the page, then remove and reinsert the U2F device.
U2F security keys are supported by mainstream browsers such as Chrome 51.0 and later, and Firefox 60.0 and later. Internet Explorer is not supported.
Bind a U2F security key
You will need a U2F security key device. You can purchase one from a reputable online marketplace or a specialized retailer.
Log on to the Account Center. On the Security Settings page, click Bind next to U2F.
Identity verification is required before you can bind the key. Click Send verification code to email, enter the verification code, and then click Submit for verification.
After verifying your identity, proceed to set up the U2F security key for logging on to your Alibaba Cloud account.
Insert the U2F security key into a USB port on your computer and click OK to continue the setup.
Touch the U2F security key when prompted.
The U2F security key is successfully bound.
The next time you log on to the Alibaba Cloud Console, you must insert the U2F security key for secondary authentication.
If you insert the correct U2F security key, touch the key as prompted and confirm verification. After the key is verified, you are logged on.
If you insert the wrong U2F security key, an error message appears.
If you do not insert a U2F security key, the system prompts you to do so.
Unbind a U2F security key
Log on to the Account Center. On the Security Settings page, click Unbind next to U2F.
Confirm and unbind. Once the key is successfully unbound, you will no longer be prompted for U2F verification when you log on to the Alibaba Cloud console.