Why you can trust ZDNET
:ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission.Our process
'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
It's not often that I say you absolutely need to buy something. But this is something you need to buy.
Two-factor authentication -- a combination of something you remember (such as a password) and something you have (a smartphone or a token) -- offers far better security than relying on passwords alone. And while SMS-based authentication is better than nothing, what's even better is hardware-based authentication.
I've tested dozens of hardware-based security keys, and the one that I use to secure my online accounts is the Yubikey 5C NFC.
This, for me, is the ultimate security key, offering simple, easy-to-use, yet effective security.
The Yubikey 5C NFC is a two-factor, multi-factor and passwordless authentication security key that also offers touch-to-sign functionality. It supports a wide array of protocols -- FIDO2, U2F, Smart card, OTP, OpenPGP 3 -- which means it can offer strong security for legacy and modern environments.
What I like about the Yubikey 5C NFC is that it offers the best of all worlds.
Along with all the cryptographic wizardry that handles the security functionality, the 5C NFC features both a USB-C and NFC for connecting the key to devices, giving it really broad compatibility.
You get the convenience of both a hardwired and wireless connection.
I use this on laptops and desktop systems (you can even use it on systems that only have USB-A ports if you have an adapter), Android smartphones, and even on my iPhone on and iPad.
Yes, you can use NFC on the iPhone.
Everything is packaged into a tough, IP68 rated, crush-resistant plastic shell. And the keys don't need batteries or recharging.
This one key works on everything I need it to work on.
I've been carrying my Yubikey 5C NFC keyring for some time now, and it stands up to the rough abuse that things in my possession have to endure. That said, it's recommended that you have a backup key in case your main key is lost, stolen, or damaged in some way. Note that you will have to register your second key, but that some services don't support multiple keys.
The Yubikey 5C NFC is an accessory that I use pretty much every day. For me, it's one of those must-have things that isn't as shiny and exciting as a new smartphone, but it's absolutely indispensable.
And for $55, it's far more affordable than a new smartphone or laptop.