How Intel Core chips could take over two-factor authentication from your phone

Just make sure that your first line of defense—a Windows password or PIN—is secure, too.

Credit: Dashlane

Password manager Dashlane is one of the first consumer-facing companies to take advantage of a little-known feature within Intel’s 8th-generation Core chips that could become much more popular: enabling two-factor authentication with just your PC, and not your phone.

What’s known as Universal Second Factor (U2F) authentication lives within the 8th-generation Core architecture. Typically, two-factor authentication (2FA)—recommended for years as an additional security measure for email, online storage, and other data—requires that a code be sent to your phone either via an app or SMS. Intel’s 8th-gen Core architecture and its associated software cut out the need for a phone, simply requiring you to click a software “button” to authenticate the 2FA transaction. 

Technically, U2F support isn’t new. Intel’s 7th-generation Core chips, known as Kaby Lake, were introduced with a technology known as Software Guard Extensions, or SGX. SGX is essentially a protected area within the chip for storing encryption keys. But only two services announced support for SGX: Dropbox and Duo Security, which announced proofs-of-concept earlier this year.

Once the 8th-generation Core chips ship, Dashlane will immediately be able to take advantage of the built-in technology and use U2F as an additional form of authentication, Allison Baker, the strategic partnerships manager for Dashlane, said. She confirmed that U2F will work with 8th-gen Core chips for consumers, and don’t require Intel’s vPro technology for businesses.

“You don’t need a phone or anything else,” besides a compatible Intel-based PC, Baker said.

Why this matters: Breaking into your PC is bad enough—that’s why there’s Windows Hello, user PINs, and Windows passwords. With web services accessible from just about anywhere, however, there’s a need for a second layer of security to differentiate you from the bad guys. Two-factor authentication helps secure those online transactions; U2F promises to make them less of a hassle.

android new years 2fa Ryan Whitwam

Traditionally, “two-factor authentication” assumes the use of a phone, though a dedicated USB key can also be used.

How U2F works within Intel’s Core chips

The FIDO Alliance developed U2F as an open authentication standard, designed to help simplify two-factor authentication. For the purposes of registering with an online service like Dashlane, two “keys” are created: a public one, which is registered with the service itself, as well as a private one, which is stored within the Core chip on the client PC.

According to Dashlane’s Baker, the client’s private key signs an assertion that the service can verify as coming from the client PC. But the signature is only released after the user verifies his presence by clicking a button on the screen, displayed by Intel’s Online Connect middleware. Intel’s been busy working on PC security solutions for years; last year, Intel showed off its Authenticate technology, combining fingerprints, PIN, paired phones, and more. 

According to a GIF Dashlane prepared to demonstrate the process, authenticating with Dashlane requires entering your password. Intel’s Online Connect will then find the security key. Sending it on its way requires clicking on a button that appears randomly within a separate window, within 15 seconds. That window uses what’s called Intel Protected Transaction Display technology, which actually generates the screen from within the Intel chip itself. The user sees the button; according to Intel, any man-in-the-middle attacker would merely see a blank, black box with no indication on where to click.

It appears, though, that U2F places more of an emphasis on the first line of security used to defend your PC: Windows Hello, a PIN, or a password. If an attacker were able to guess your PIN while you left your eighth-generation PC alone to buy a cup of coffee, they’d still need to know your Dashlane master password to log in. But with traditional two-factor, phone-based authentication, a service like Dashlane would also buzz your phone—which you might have in your pocket, alerting you that an attack was in progress.

In any event, though, services like Dashlane appear to be preparing to take advantage of the U2F capabilities built into Intel’s Core chips. Passwords used to be sufficient, but complex, hard-to-guess passwords can be a pain to use repeatedly. The challenge is to offer security without imposing too much of a burden on the user, and Intel and its partners appear to be zeroing in on quick, convenient security methods.

Join the newsletter!

Or
Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags intel

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Mark Hachman

PC World (US online)
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?