Universal-second factor devices are the new hotness in the two-factor login world. Sleek, sophisticated and secure, they combine high-quality crypto with an even-your-dog-could-use-it one-touch interface to produce a smooth and pleasant login experience.

U2F devices are built on public-key crypto, where the device signs challenges produced by the server. They have many interesting features, including a certificate to identify the device provider, and mechanisms to detect cloned devices and know if the user is actually present when the device is activated. The way they generate key pairs is also quite clever, allowing for devices with no on-board storage at all.

In this talk I'll tell you what U2F is, why it's important, how it works and how to implement it in your service or application. I'll also have some devices to give away to help you get started with this fascinating two-factor technology.