Is it possible to use Android as a 2FA device, like the 2-factor YubiKey sticks? Seems like it should be possible since I know Android is capable connecting as a USB accessory.
Asked
Active
Viewed 2,539 times
2
-
even if it would be possible. I wouldnt do this. the wholesecurity point in u2f is the symmetric encryption key, which then again encrypts the assymetric private key which will be stored on the service.if you U2F symmetric key leaks for some reason, you have the problem that anyone you spoof your u2f and even lock you out (because similar to HOTPs, u2f has a counter and "older" signatures will be shut out to get against a replay attack.). on a proper u2f device the key is on a smartcard like chip, meaning it cant get out no matter what. this looks different on a Phone, so it's bad security. – My1 Jan 28 '16 at 01:27
2 Answers
0
I would say that you cannot do this, or at the very leeast without either having root or OS Support for it.
while Android can connect over USB there are on recent androids only 2 ways to do so: MTP (Media Transfer Protocol) PTP (Picture Transfer Protocol, usually for cameras but included for compatibility) earlier androids also had a Mass storage mode, which was before MTP was widely supported.
a U2F Stick work quite a bit different. Explaining it easy it is a bit similar to a smartcard (even though the system sees it as HID device), your browser puts in the challenge data and the Stick signs it.
it might be possible over Bluetooth or NFC (because U2F doesnt specify a transfer channel, so it can be pretty much anything) but you wont get much support out of those.
My1
- 475
- 5
- 21
-1
In my opinion USB connection is a disadvantage for the token as not all devices have a USB port so there are limited devices where you can use it.
Use 2FA app which can be installed on Android device. It is the best solution if you want to use your phone as a 2FA device. These apps are autonomous and do not connect to any servers (except time synchronization) and no USB connection required.
Christian
- 315
- 2
- 7