For those not familiar with FIDO2, it is an improved version of the FIDO standard – popularly known for the U2F USB tokens provided by Google and Yubico. Now that we've explored what Webauthn is and reviewed critical Webauthn building blocks and protocols, I’ll use this post to break down how you can leverage WebAuthn with FIDO2 to enhance both app security and user experience. Where U2F falls short Let’s be clear. FIDO and U2F are awesome. They are built on open-standards, and are among the best authentication factors out there thanks to a killer combination of user-friendliness and strong resistance to phishing attacks. With U2F, users can authenticate into systems with MFA via a single tap on a USB device. Lovely. And on top of all this, a few different U2F tokens also worked over NFC and Bluetooth, offering a great end user experience for mobile apps. However.