[Noob question] Why can’t U2F be the only second factor?

Hello everyone. I've recently decided to strengthen my internet security and privacy. I've purchased U2F key to use it as 2nd factor wherever it's possible. What struck me, was that I can't use the physical key as the only second factor. I always have to enable soft-generated tokens first, only then I can register physical key(s) as an alternative. Disabling OTP disables MFA altogether. This is true for many websites as well as my password manager. Hence, my questions:

  1. Doesn't it nullify U2F's advantage if it's only an alternative to soft tokens?
  2. Is there a reason for such policy?

Touch here for the full post on Network Security Noblemen tumblr

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s