Being sensible when it comes to passwords is important -- it's a crucial step to securing your online life.
However, some of your online accounts -- for example, your Google Account or Dropbox -- might be so important and contain such a wealth of information that you might want to take additional steps to protect them. There's no better way to secure your online accounts than to use hardware-based two-factor authentication (2FA).
Security keys are cheap, easy to use, put an end to phishing attacks, and are less hassle and much more secure than SMS-based two-factor authentication. And the good news these days is that you can get security keys in a variety of formats: USB-A and USB-C, Lightning for iPhone users, and even keys that use Bluetooth.
So, let's take a look at the best security keys currently available.
Brings together the ubiquity of USB-A with the versatility of wireless NFC, which gives it broad compatibility across a wide range of devices. The FIDO certification means it works with Google Chrome and any FIDO-compliant application on Windows, MacOS, or Linux, and the NFC makes it compatible with iOS and Android devices.
The YubiKey 5 NFC is FIDO certified and works with Google Chrome and any FIDO-compliant application on Windows, MacOS, or Linux. YubiKey USB authenticator includes NFC and has multi-protocol support including FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV), OpenPGP, and Challenge-Response capability to give you strong hardware-based authentication.
The YubiKey Bio features biometric authentication built right into a security key! It uses a three-chip architecture that stores the biometric fingerprint in a separate secure element, offering protection from physical attacks.
This, according to Yubico, allows the YubiKey Bio to "act as a single, trusted hardware-backed root of trust which allows the user to authenticate with the same key across multiple desktop devices, operating systems, and applications."
For when biometrics are not supported, users can enter a PIN entered during the initial setup.
The YubiKey Bio supports FIDO2/WebAuthn, U2F and comes in USB-A and USB-C form factors.
FIDO2 key is backward-compatible with U2F protocol and works with the newest Chrome browser with operating systems such as Windows, MacOS, or Linux. U2F can be supported and protected on all websites that follow U2F protocols.
Designed with a 360-degree rotating metal cover that shields the USB connector when not in use. Also, crafted from a durable aluminum alloy to protect the Key from drops, bumps, and scratches.
A very reasonably priced security key.
Titan Security Keys include special firmware engineered by Google to verify the key's integrity and are built on FIDO open standards, so you can use them with many apps and services.
Google offers a range of keys:
Fingerprint reader with advanced fingerprint technology combines superior biometric performance and 360-degree readability as well as anti-spoofing protection.
Login on your Windows computer using Microsoft's built-in Windows Hello login feature with just your fingerprint. No need to remember usernames and passwords. It can be used with up to 10 different fingerprints, so multiple users can log in to the same computer.
Because the Kensington Verimark Fingerprint Key is FIDO U2F Certified, your fingerprint can protect your cloud-based accounts such as Google, Dropbox, GitHub, and Facebook with FIDO second-factor authentication.
Why are security keys better than SMS-based 2FA?
SMS is open to SIM hijacking, while a physical key cannot be copied or the data intercepted.
How many keys do I need?
I recommend having at least two -- one that you sue, one as a backup.
What is the best security key?
The best security key is the Yubico YubiKey 5 NFC, due to its compatibility, security features, and price.
Is there one security key that does everything?
This depends on your setup and use. I find that I can manage with my YubiKey 5Ci for most of the time, but I do have a USB-C and USB-A YubiKey Series 5 keys as backups.
How reliable are security keys?
Very reliable. I've been using them for years, and I've never had one break in use (and they've been subjected to heat, water, seawater, and being roughed about a lot).
Are there alternative security keys worth considering?
Here are some other options to look into: