GitHub has introduced Soft U2F, a software-based U2F authenticator for macOS, to encourage wider adoption of FIDO U2F second factor authentication by eliminating the need for a physical device. This initiative follows GitHub's previous implementation of TOTP-based two-factor authentication, with U2F offering a superior user experience and addressing security issues associated with TOTP. Soft U2F functions by emulating a HID device, allowing it to interact with U2F-enabled browsers and compatible websites, with key storage managed through the macOS Keychain. While hardware key storage is typically more secure as it protects against malware access, the software-based U2F still provides substantial defense against common cyber threats like password dumps and phishing. Despite potential security trade-offs, many users may find the convenience of Soft U2F appealing.