News

Published on December 12th, 2019 📆 | 5934 Views ⚑

0

Best hardware security keys for two-factor authentication


Text to Speech

If you use two-factor authentication (also known as 2FA) on your online accounts, you may want to switch to a hardware security key.

For those who don't know, two-factor authentication usually works like this: When enabled on an account like Twitter, you can attempt to log in, but that'll trigger a temporary code to be sent to your phone via SMS. Only you should have access to your phone (one factor) and sign-in credentials (the second factor), so two-factor authentication helps verify your identity and ensures only you are logging into your account.

There are downsides to two-factor authentication. If you lose your phone, or if it's breached like by a hacker who's swapped your SIM or simply gained access to your device while you're not around, obviously they'll be able to retrieve this code and potentially use it to hack into your account (especially if they know your sign-in credentials). Luckily, a security key helps you avoid this nightmare.

YubikeyWhat are hardware security keys how do they work and which is the best image 5

What is a hardware security key?

Hardware security keys (also called U2F keys or physical security keys) offer an extra layer of security to your online accounts. They provide protection against automated bots and targeted attacks by leveraging cryptography to verify your identity and the URL of the login page. They're therefore phishing-resistant, as they can ascertain whether you're trying to log into a legit service.

They connect to your device via USB-A, USB-C, Lightning, NFC, and Bluetooth and are portable enough to be carried on a keychain. Most of them use an open authentication standard called FIDO U2F (or the improved Fido2 standard), and some even feature hardware that's designed to resist physical attacks aimed at extracting firmware and material from the key itself.

Hardware security keys are made by various manufacturers and work with the most popular web browsers, as well as hundreds of apps and online services. They can even help you log in to your workstation. Overall, they're not hard to use and are relatively inexpensive to buy. 





ThetisWhat are hardware security keys how do they work and which is the best image 3

How do hardware security keys work?

When you insert a hardware security key into your device (or wirelessly connect it), and then press a button on the key, the key will be presented with a challenge that it cryptographically signs, thereby verifying your identity and whatever it is you're trying to access. If you lose your hardware security key, you can always use two-factor authentication on your phone (or an authenticator app) to log in.

Supported apps and devices

Many online accounts, apps, services, and sites support hardware security keys, including Twitter, Facebook, Google, Instagram, GitHub, Dropbox, Electronic Arts, Epic Games, Microsoft account services, Nintendo, Okta, and Reddit. You can also use hardware security keys to log into your devices, including iOS and Android devices, Macs, and Windows 10 machines.

The Fido2 standard on some hardware security keys can work with Windows Hello and Microsoft’s Edge browser, too. Be sure to do your research and look into whether your device and most-used online accounts support hardware security keys before you take the plunge and invest in one.

YubikeyWhat are hardware security keys how do they work and which is the best image 2

How to set up a hardware security key

All hardware security keys tend to work the same, as we've detailed above, but setting them up varies by app and device. To give you an idea of how one works with an online account, we've detailed the exact steps for pairing a hardware security key with your Facebook account.

Paring a hardware security key to Facebook

  1. Log into your Facebook account.
  2. Click on the drop-down menu icon in the corner and select “Settings.”
  3. Now you’re at “General Account Settings.”
  4. Select the “Security and Login” link from the left sidebar.
  5. Scroll down until you see the section called “Two-Factor Authentication.”
  6. Click “Edit” on the “Use two-factor authentication” option.
  7. Click on “Get Started” to set up a text message or an authentication app.
  8. Go back to “Two-Factor Authentication” and scroll down to “Add a Backup.”
  9. Select “Setup” for the Security Key option.
  10. Enter your Facebook password and click “Submit.”
  11. Connect your security key (usually by inserting it in the USB port).
  12. Tap the key's button.
  13. You should get a confirmation pop-up.
GoogleWhat are hardware security keys how do they work and which is the best image 4

Which hardware security key is the best?

There are several choices to choose from. Yubico, which helps develop is the FIDO U2F authentication standard, is one of the more popular options and has different models available. Google sells its own key, called the Titan, and it includes a spare key with Bluetooth functionality. Other hardware security key manufacturers include Kensington and Thetis.

Here's our pick of the best ones you can buy:



Source link

Tagged with: • • •



Comments are closed.






Š Torchsec  Privacy Policy Disclaimer  T&C



Back to Top ↑