That's an understatement, they've co-invented it, it was called Project Gnubby at the time. As part of their BeyondCorp project they needed better 2FA and Gnubby was standardized under the FIDO Alliance. Their U2F user study[1] is interesting.
> But since then?
http://www.dongleauth.info/ has a list but yes, adoption has been slow. The W3C Web Authentication spec[2] (which is the successor to the FIDO work) will hopefully see better adoption, and it'll work with existing U2F tokens. Microsoft for example has skipped FIDO 1.0 and committed to the W3C spec instead[3].
That's an understatement, they've co-invented it, it was called Project Gnubby at the time. As part of their BeyondCorp project they needed better 2FA and Gnubby was standardized under the FIDO Alliance. Their U2F user study[1] is interesting.
> But since then?
http://www.dongleauth.info/ has a list but yes, adoption has been slow. The W3C Web Authentication spec[2] (which is the successor to the FIDO work) will hopefully see better adoption, and it'll work with existing U2F tokens. Microsoft for example has skipped FIDO 1.0 and committed to the W3C spec instead[3].
1: http://fc16.ifca.ai/preproceedings/25_Lang.pdf 2: https://www.w3.org/TR/webauthn/ 3: https://developer.microsoft.com/en-us/microsoft-edge/platfor...