If you’ve ever had your email account or social media account hacked, you understand the frustration that it can cause. Two-factor authentication helps combat that by sending a code to your phone number or email address when you, or someone else, is attempting to access your account. By all means, this works well to add extra protection, but the best way to protect your accounts is with a physical security key.
How Do Security Keys Work?
If you already have 2FA set up for most of your accounts and think your information is fully protected, first off, good for you! But your information could still easily get stolen. All it takes is one spam text message with a link to a fake website that asks you to enter your 2FA password information. If you think “that would never happen to me,” think about all those crazy stories you read on your timeline about hackers ransoming a corporation for money. Many of those started from a single phishing email or text message. But that’s where a security key can combat those types of attacks.
Consider the same scenario from above, the hacker could still have your password, but if they don’t have the physical security key with them, they won’t have access. That physical level of security is virtually impossible for a hacker to replicate.
Keep in mind that not all apps, websites or services support a physical security key, although major players like Google, Microsoft, Facebook, Twitter, Dropbox and others do. If you are unsure of what you can protect with your physical key visit 2fa.directory for a comprehensive list of what you can protect with a security key.
What to Look For in a Security Key
Here are a few factors on deciding what security key is right for you:
- Compatibility – Make sure your security key works for the device(s) you are trying to protect. Devices with Bluetooth NFC work are great for both computer and mobile devices.
- Security Standards – The security key should have the correct security standards (FIDO2 for example) for the devices or applications you are trying to protect.
- Setup – A device that is easy to set up is most desirable.
- Cost – Depending on your needs, security keys range from sub $20 to $70 in price.
Now that you’re set on locking down your information so scumbag hackers can’t access your information, here are the best security keys for the job:
1. Yubico YubiKey 5 NFC
When the company (Yubico) is one of the developers of an authentication standard used by other security keys, you get a pretty good sense that the company’s security keys are damn good. In the case of YubiKey 5 NFC, you won’t find a better security key. It is small, lightweight and durable — virtually crush-proof — and connects to your devices via USB-A or through NFC Bluetooth. It supports a wide variety of security standards like FIDO U2F, FIDO 2, OTP and others, which means you can use this for all your social media, browsers and multiple devices, and it even has a convenient keyhole ring to attach to your keys.
2. FIDO U2F Security Key
BEST FOR CHROME
This is a great option for two main reasons: it is inexpensive compared to other security keys and the FIDO UF2 standard provides secure access when using Chrome on both Mac and PC browsers. The downside is that it only supports FIDO UF2 and doesn’t have Bluetooth connectivity. And if you are sporting a newer computer, like a new MacBook or Dell XPS for instance, you’ll need to look for another option. But if you are looking to save a little bit of money, and want extra protection for Chrome, this is a good choice.
3. Google Titan Security
GREAT FOR GMAIL PROTECTION
Available in both USB-A and USB-C varieties, this security key provides grand protection for email and many other services and applications thanks to FIDO open standards. The Google key works with both Mac and PC as well as Android and iOS devices thanks to NFC. When you combine this security key with Google’s Advanced Protection Program (APP for short) you pretty much lock your Google account in a vault and only you can gain access.
4. Yubico Security Key
If you can’t justify spending $45 on the Yubico YubiKey 5, you can save half of your money and go with the similar Yubico Security Key. What’s the catch? It only supports FIDO protocols, but that should be enough for average users. But other than that, it’s virtually the same security key. There’s even a keyhole to keep it attached to your keys. And it’s simple to use — just plug it into your computer’s USB-A port and press the gold circle.
MULTIPLE STEP AUTHENTICATION
When you want to lock your information into Fort Knox, CryptoTrust OnlyKey offers many variations of authentication to secure your information. For instance, each of the six buttons can be short pressed or long pressed to create a physical passcode. Once you set that, you can set up a PIN number or password providing three-step authentication. Take that set of procedures and multiply it by 24 — that’s how many passwords and usernames it can store. Essentially one key can serve as the ultimate security door for an entire team.
6. YUBICO YUBIKEY 5CI
BEST FOR IPHONE USERS
Equipped with both a USB-C and lightning connector this security key is compatible with iOS and macOS, but also Windows, and Linux. It’s a solid choice for extra security when it comes to applications or services like Facebook, Gmail, Dropbox or Outlook just to name a few. It has plenty of security protocol support that you’d expect from a Yubico security key. The only downside is it’s the most expensive security key we’ve seen.
7. HyperFIDO Titanium Pro
In the scenario where even the Yubico Security Key is a little too pricey for your blood, the HyperFIDO Titanium PRO provides an even more affordable option to protect your information. It boasts FIDO UF2, FIDO2 and HOTP (a one-time password authentication) for your computer or mobile devices. Speaking of mobile devices, if you want to use this security key for mobile, you will need to buy the adapter. The one-time password is great for a scenario where you are out of the office but a team member needs to get on your computer. You can set up the one-time password on the HyperFIDO website so it’s ready to use whenever you need it.