Yubikey Hardware Token(U2F/WebAuthn) -

U2F is an abbreviation of the English phrase Universal Second Factor. There are many methods of two-factor authentication, although authentication based on U2F keys is indicated by cybersecurity specialists as the most secure mechanism. It makes your system completely resistant to phishing and it is very easy to use as well. This authentication method is based on the principle of public-key cryptography.

Please note that this 2FA method can only be used if your SSL is set up on your Atlassian instance. In this authentication method, every user will have a hardware key and to authenticate, the user simply inserts the U2F key into a USB port and then confirms their identity by pressing a button on the key.

Hardware tokens can be easily configured as a 2FA method by following a simple two-step process - registration and authentication. Registration involves the generation of a private key for encryption. The request to register a U2F token is confirmed by pressing a button on the hardware token which acts as a secret key. Decryption is performed during authentication. Configured hardware token when inserted into the system is authenticated by pressing the button on the token.

Hardware tokens are more secure than software 2FA methods as the attacker won’t get access to the account easily as most keys require a physical touch on the hardware device.

Please refer to this user guide to see how to configure Hardware Token - Add the link to the user guide