All Products
Search
Document Center

Account Center:Bind or unbind a U2F security key

Last Updated:Jun 02, 2026

Bind a Universal 2nd Factor (U2F) security key to your Alibaba Cloud account to add two-factor authentication at logon.

What is U2F?

U2F (Universal 2nd Factor) is a two-factor authentication standard from the FIDO (Fast IDentity Online) Alliance. It uses a hardware security key to add a second layer of verification beyond your username and password.

With U2F enabled, logging on to Alibaba Cloud requires two steps:

  1. First-factor authentication: Enter your username and password.

  2. Second-factor authentication: Insert your U2F device and verify the security key.

A U2F security key prevents brute-force attacks and credential theft, significantly improving account security.

Limits

  • You can use a U2F security key for logon verification only on a PC.

  • U2F is in public preview. If you bind a key but are not prompted for U2F authentication at logon, your account is not yet included in the preview.

  • If you click Cancel during U2F authentication, refresh the page and then remove and reinsert the U2F device (hardware limitation).

  • Supported browsers: Chrome 51.0+, Firefox 60.0+. Internet Explorer is not supported.

Bind a U2F security key

Ensure you have a U2F security key device.

  1. Log on to the Alibaba Cloud Account Center. Go to the Security Settings page. In the Other Settings section, find the Universal 2nd Factor row and click Bind.

    image

  2. Complete identity verification: click Send verification code to email, enter the code, and click Submit for verification.

  3. After your identity is verified, follow the on-screen instructions to complete the binding.

  4. After the key is bound, close the page. Return to Account Center and select Bound successfully in the dialog box.

    Bound successfully

  5. On your next logon to the Alibaba Cloud console, insert the U2F security key for second-factor authentication.

    image

    image

Unbind a U2F security key

  1. Log on to the Alibaba Cloud Account Center. Go to the Security Settings page. In the Other Settings section, find the Universal 2nd Factor row and click Unbind.

    image

  2. In the dialog box, click OK. After the key is unbound, U2F authentication is no longer required at logon.

    image