To improve the security of logon to the Alibaba Cloud Management Console, we recommend that you bind a Universal 2nd Factor (U2F) security key to your Alibaba Cloud account. This way, you must pass two-factor authentication before you log on to the Alibaba Cloud Management Console.
U2F overview
Universal 2nd Factor (U2F) is a two-factor identity authentication standard launched by the Fast IDentity Online (FIDO) alliance and is an open authentication standard. It aims to provide a general-purpose password authentication token that is easy to use and drive-free. This allows you to complete high-strength identity authentication by using short passwords when U2F authentication is available. When you perform a logon by using a physical device such as a USB key that supports U2F, you must first enter the username and password for the first-time authentication, and then insert the U2F device for the secondary authentication. Using a U2F security key can effectively prevent brute-force attacks or security vulnerabilities from damaging your account, and significantly improve the account security.
Usage notes
You can use a U2F security key only for logon on a PC.
The U2F security key feature is in public preview. If you have bound a U2F security key to your Alibaba Cloud account, but you are not prompted to insert a U2F security key when you log on, you are not in the public preview list.
If you cancel U2F security key authentication due to hardware reasons, you need to remove and insert the U2F security key after you refresh the page.
The following mainstream browsers support U2F security keys: Google Chrome 51.0, Firefox 60.0, and their later versions. Internet Explorer does not support U2F security keys.
Prerequisites
A U2F security key is prepared. You can purchase a U2F security key on a legit trading platform or in a dedicated store.
Procedure
Log on to the Account Center console. On the Security Settings page, click Bind next to U2F.
Click Send Verification Code in Email. Obtain the verification code in the email, enter the verification code, and then click Submit.
After you pass identity authentication, click OK in the dialog box that appears to set a U2F security key for the current Alibaba Cloud account.
Insert a U2F security key into a USB port of your computer and click OK.
Touch the button on the U2F security key as prompted.
Wait until the U2F security key is bound.
When you log on to the Alibaba Cloud Management Console, insert the U2F security key for two-factor authentication as prompted.
If the U2F security key that you insert is the same as the bound U2F security key, touch the button on the U2F security key as prompted and click OK. After the U2F security key is verified, the logon is successful.
If the U2F security key device that you insert is different from the bound U2F security key, an error message appears.
If no U2F security key is inserted, the system asks you to insert a U2F security key.
