Why you can trust ZDNet
Our recommendations are based on many hours of testing, research, and comparison shopping. We may earn a commission when you purchase a product through our links. This helps support our work but does not influence what we write about or the price you pay. Our editors thoroughly review and fact check every article. Our process

‘ZDNet Recommends’: What exactly does that mean?

ZDNet’s recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNet nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNet's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


The best security keys: Protect your online accounts

What is the best security key? Our top pick is the Yubico YubiKey 5 NFC. We analyzed each security key's compatibility, authentication type, and security features.

Being sensible when it comes to passwords is important -- it's a crucial step to securing your online life.

However, some of your online accounts -- for example, your Google Account or Dropbox -- might be so important and contain such a wealth of information that you might want to take additional steps to protect them. There's no better way to secure your online accounts than to use hardware-based two-factor authentication (2FA). 

Security keys are cheap, easy to use, put an end to phishing attacks, and are less hassle and much more secure than SMS-based two-factor authentication. And the good news these days is that you can get security keys in a variety of formats: USB-A and USB-C, Lightning for iPhone users, and even keys that use Bluetooth.

So, let's take a look at the best security keys currently available.

Yubico YubiKey 5 NFC

Best security key

Brings together the ubiquity of USB-A with the versatility of wireless NFC, which gives it broad compatibility across a wide range of devices. The FIDO certification means it works with Google Chrome and any FIDO-compliant application on Windows, MacOS, or Linux, and the NFC makes it compatible with iOS and Android devices.

The YubiKey 5 NFC is FIDO certified and works with Google Chrome and any FIDO-compliant application on Windows, MacOS, or Linux. YubiKey USB authenticator includes NFC and has multi-protocol support including FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV), OpenPGP, and Challenge-Response capability to give you strong hardware-based authentication.

YubiKey Bio

Biometric authentication built right into a security key

The YubiKey Bio features biometric authentication built right into a security key! It uses a three-chip architecture that stores the biometric fingerprint in a separate secure element, offering protection from physical attacks.

This, according to Yubico, allows the YubiKey Bio to "act as a single, trusted hardware-backed root of trust which allows the user to authenticate with the same key across multiple desktop devices, operating systems, and applications."

For when biometrics are not supported, users can enter a PIN entered during the initial setup.

The YubiKey Bio supports FIDO2/WebAuthn, U2F and comes in USB-A and USB-C form factors.

Thetis Fido U2F Security Key

A security key that looks like a flash drive

FIDO2 key is backward-compatible with U2F protocol and works with the newest Chrome browser with operating systems such as Windows, MacOS, or Linux. U2F can be supported and protected on all websites that follow U2F protocols.

Designed with a 360-degree rotating metal cover that shields the USB connector when not in use. Also, crafted from a durable aluminum alloy to protect the Key from drops, bumps, and scratches.

A very reasonably priced security key.

Google Titan Security Keys

Google offers a range of keys at a decent price

Titan Security Keys include special firmware engineered by Google to verify the key's integrity and are built on FIDO open standards, so you can use them with many apps and services.

Google offers a range of keys:

  • USB-C
  • USB-A

Kensington Verimark Fingerprint Key

Convenience of using your fingerprint unlock devices

Fingerprint reader with advanced fingerprint technology combines superior biometric performance and 360-degree readability as well as anti-spoofing protection.

Login on your Windows computer using Microsoft's built-in Windows Hello login feature with just your fingerprint. No need to remember usernames and passwords. It can be used with up to 10 different fingerprints, so multiple users can log in to the same computer.

Because the Kensington Verimark Fingerprint Key is FIDO U2F Certified, your fingerprint can protect your cloud-based accounts such as Google, Dropbox, GitHub, and Facebook with FIDO second-factor authentication.

Why are security keys better than SMS-based 2FA?

SMS is open to SIM hijacking, while a physical key cannot be copied or the data intercepted.

How many keys do I need?

I recommend having at least two -- one that you sue, one as a backup.

What is the best security key?

The best security key is the Yubico YubiKey 5 NFC, due to its compatibility, security features, and price.

Is there one security key that does everything?

This depends on your setup and use. I find that I can manage with my YubiKey 5Ci for most of the time, but I do have a USB-C and USB-A YubiKey Series 5 keys as backups. 

How reliable are security keys?

Very reliable. I've been using them for years, and I've never had one break in use (and they've been subjected to heat, water, seawater, and being roughed about a lot).

Are there alternative security keys worth considering?

Here are some other options to look into:

YubiKey 5C NFC

$55 at Amazon

YubiKey 5Ci

$70 at Amazon

Yubico Yubikey 5C

$50 at Amazon

Yubico YubiKey 5 Nano

$50 at Amazon