Universal 2nd Factor is the next step in hardware-assisted authentication for cloud services and more. U2F specify a USB-based protocol for offloading the private-key handling for strengthening username/password logins, and is supported by Chrome and Google (for gmail.com users) since October 2014. By using dedicated hardware that require physical presence, issues with common solutions (one-time-password or certs) are improved on. This talk will be about the U2F protocol, and the free software implementations that we are writing. There will be hands-on demo of the user-experience and also details about the implementation.