ZDNet independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission.Our process
'ZDNet Recommends': What exactly does it mean?
ZDNet's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNet nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNet's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
Being sensible when it comes to passwords is important -- it's a crucial step to securing your online life.
However, some of your online accounts -- for example, your Google Account or Dropbox -- might be so important and contain such a wealth of information that you might want to take additional steps to protect them. There's no better way to secure your online accounts than to use hardware-based two-factor authentication (2FA).
Security keys are cheap, easy to use, put an end to phishing attacks, and are less hassle and much more secure than SMS-based two-factor authentication. And the good news these days is that you can get security keys in a variety of formats: USB-A and USB-C, Lightning for iPhone users, and even keys that use Bluetooth.
So, let's take a look at the best security keys currently available.
Brings together the ubiquity of USB-A with the versatility of wireless NFC, which gives it broad compatibility across a wide range of devices. The FIDO certification means it works with Google Chrome and any FIDO-compliant application on Windows, MacOS, or Linux, and the NFC makes it compatible with iOS and Android devices.
The YubiKey 5 NFC is FIDO certified and works with Google Chrome and any FIDO-compliant application on Windows, MacOS, or Linux. YubiKey USB authenticator includes NFC and has multi-protocol support including FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV), OpenPGP, and Challenge-Response capability to give you strong hardware-based authentication.
The YubiKey Bio features biometric authentication built right into a security key! It uses a three-chip architecture that stores the biometric fingerprint in a separate secure element, offering protection from physical attacks.
This, according to Yubico, allows the YubiKey Bio to "act as a single, trusted hardware-backed root of trust which allows the user to authenticate with the same key across multiple desktop devices, operating systems, and applications."
For when biometrics are not supported, users can enter a PIN entered during the initial setup.
The YubiKey Bio supports FIDO2/WebAuthn, U2F and comes in USB-A and USB-C form factors.
FIDO2 key is backward-compatible with U2F protocol and works with the newest Chrome browser with operating systems such as Windows, MacOS, or Linux. U2F can be supported and protected on all websites that follow U2F protocols.
Designed with a 360-degree rotating metal cover that shields the USB connector when not in use. Also, crafted from a durable aluminum alloy to protect the Key from drops, bumps, and scratches.
Fingerprint reader with advanced fingerprint technology combines superior biometric performance and 360-degree readability as well as anti-spoofing protection.
Login on your Windows computer using Microsoft's built-in Windows Hello login feature with just your fingerprint. No need to remember usernames and passwords. It can be used with up to 10 different fingerprints, so multiple users can log in to the same computer.
Because the Kensington Verimark Fingerprint Key is FIDO U2F Certified, your fingerprint can protect your cloud-based accounts such as Google, Dropbox, GitHub, and Facebook with FIDO second-factor authentication.