VaultumCity is the best trusted place to select and buy your best Yubikeys, Vaultumcity free ship all yubikeys, Vaultumcity is reseller distributor of yubikeys so you can find cheapest best yubikey in Vaultumcity. If you are looking for best Yubikeys in Singapore at VaultumCity website online store.
มันคืออะไร? YubiKey—เหมือนกับอุปกรณ์อื่นๆ ที่คล้ายกัน—คือกุญแจโลหะและพลาสติกขนาดเล็กที่มีขนาดเท่ากับแท่ง USB พวกเขาเสียบเข้ากับคอมพิวเตอร์ของคุณและบางส่วนยังเชื่อมต่อกับโทรศัพท์ของคุณ คุณสามารถใช้มันในที่ใดก็ได้พร้อมกับรหัสผ่านของคุณเพื่อตรวจสอบการเข้าสู่ระบบเว็บ
YubiKey เป็นอุปกรณ์ที่ทำให้การรับรองความถูกต้องด้วยสองปัจจัยง่ายที่สุด แทนที่จะส่งข้อความถึงคุณหรือสร้างโดยแอพบนโทรศัพท์ของคุณ คุณกดปุ่มบน YubiKey ของคุณ แค่นั้นแหละ. อุปกรณ์แต่ละเครื่องมีรหัสที่ไม่ซ้ำกันซึ่งใช้ในการสร้างรหัสที่ช่วยยืนยันตัวตนของคุณ
YubiKey บน iPhone คืออะไร?
YubiKey 5Ci ช่วยให้เชื่อมต่อโดยตรงกับอุปกรณ์ iOS/iPadOS ด้วยพอร์ต Lightning บางรุ่นที่ใช้พอร์ตนี้รวมถึง (แต่ไม่จำกัดเฉพาะ) iPhone SE, iPhone 7, iPhone 8, iPhone X และ iPads ที่ทันสมัยที่สุด (ไม่รวม iPad Pro รุ่นใหม่ล่าสุดซึ่งใช้พอร์ต USB-C)
ใช่. การรักษาความปลอดภัย 2FA บนฮาร์ดแวร์ YubiKey 5 NFC ($ 45) เป็นอุปกรณ์ที่บางแต่ทนทานซึ่งพอดีกับพอร์ต USB Type-A มาตรฐานและยังรองรับการเชื่อมต่อ NFC … โดยพื้นฐานแล้วเนื่องจากคีย์ที่ใช้ฮาร์ดแวร์มีความปลอดภัยมากกว่าตัวเลือกที่ใช้ SMS และซอฟต์แวร์อย่างมาก
ภายในของอัลกอริธึมความปลอดภัยของ YubiKey ในปัจจุบันจำกัดแต่ละคีย์ให้ใช้งานได้นาน 30 ปีขึ้นไป Yubikey ใช้พลังงานจากพอร์ต USB ดังนั้นจึงไม่ต้องใช้แบตเตอรี่และไม่มีจอแสดงผลที่สามารถแตกหักได้ ตัวกุญแจเองจะคงอยู่ได้นานหลายปีในการใช้งานทุกวัน
ไม่เหมือนกับ 2FA อื่น YubiKeys ไม่จัดเก็บข้อมูล ไม่มีการเชื่อมต่อเครือข่าย และไม่ทำงานบนซอฟต์แวร์
จะเกิดอะไรขึ้นถ้ามีคนขโมย YubiKey ของคุณ?
YubiRevoke เป็นบริการเพิกถอนฟรี บริการนี้ป้องกันการใช้ YubiKeys ในทางที่ผิดในกรณีที่สูญหายหรือถูกขโมย และเราแนะนำให้ลูกค้าสร้างบัญชี YubiRevoke และลงทะเบียน YubiKeys ทันทีที่ได้รับ
YubiKey ยังอนุญาตให้จัดเก็บรหัสผ่านแบบคงที่เพื่อใช้ในไซต์ที่ไม่รองรับรหัสผ่านแบบใช้ครั้งเดียว ทั้ง Google และ Facebook ใช้อุปกรณ์ YubiKey เพื่อรักษาความปลอดภัยให้กับบัญชีพนักงานและบัญชีผู้ใช้ปลายทาง ผู้จัดการรหัสผ่านบางคนรองรับ YubiKey
YubiKey 5 Series คุ้มค่ากับราคาสูงเพราะเข้ากันได้กับบริการต่างๆ มากกว่าคีย์อื่นๆ และเพิ่มความพิเศษที่น่ามี … ไม่มีคีย์อื่นๆ ที่เราทดสอบ รวมทั้งคีย์ความปลอดภัยที่ถูกกว่าของ Yubico ที่มีฟังก์ชันนี้
วิธีแก้ปัญหา: YubiKey + ตัวจัดการรหัสผ่าน การใช้แอปพลิเคชันตัวจัดการรหัสผ่านเป็นวิธีที่ดีที่สุดในการสร้างและรักษารหัสผ่านที่รัดกุมและไม่ซ้ำกันสำหรับการเข้าสู่ระบบบัญชีของคุณทั้งหมด และการปกป้องตัวจัดการรหัสผ่านของคุณด้วย YubiKey เป็นวิธีที่ปลอดภัยที่สุดในการจัดการข้อมูลประจำตัวดิจิทัลหลายรายการ
เพื่อความปลอดภัย เฟิร์มแวร์บน YubiKey ไม่อนุญาตให้อ่านความลับจากอุปกรณ์หลังจากที่เขียนไปยังอุปกรณ์แล้ว ดังนั้นคุณจึงไม่สามารถทำซ้ำหรือสำรองข้อมูล YubiKey หรือคีย์ความปลอดภัยได้
YubiKey NFC ปลอดภัยหรือไม่?
NFC-ENABLED: รับการรับรองความถูกต้องด้วยการสัมผัสสำหรับอุปกรณ์และแอปพลิเคชัน Android และ iOS ที่รองรับ NFC เพียงแตะแล้วไป! ทนทานและปลอดภัย: YubiKeys มีความปลอดภัยและทนทานเป็นพิเศษ มีความทนทานต่อการงัดแงะ กันน้ำ และทนต่อการกดทับ
ผู้ใช้ธนาคารออนไลน์ของ Bank of America หลายคนที่มี YubiKey สามารถลงทะเบียนคีย์ความปลอดภัยสำหรับการตรวจสอบสิทธิ์แบบสองปัจจัยในการลงชื่อเข้าใช้บัญชี (2FA) ในการลงชื่อเข้าใช้บัญชี รวมถึงตั้งค่าคุณสมบัติ Secured Transfer เพื่อเพิ่มชั้นการรักษาความปลอดภัยทางกายภาพเพิ่มเติมให้กับระบบออนไลน์ของตน บัญชีผู้ใช้.
แต่ละฟังก์ชันบน YubiKey สามารถยอมรับและจัดเก็บข้อมูลในรูปแบบที่เหมาะสมเท่านั้นสำหรับการตรวจสอบสิทธิ์อย่างปลอดภัยด้วยโปรโตคอลการตรวจสอบความถูกต้องที่รองรับต่างๆ ข้อมูลที่โหลดทั้งหมดจะถูกเก็บไว้ใน EEPROM ที่ปลอดภัยในพื้นที่หน่วยความจำที่จัดสรรให้กับแอปพลิเคชันที่ใช้ข้อมูล
ฉันสามารถใช้ YubiKey ทำอะไรได้บ้าง
YubiKey เป็นอุปกรณ์ที่ทำให้การรับรองความถูกต้องด้วยสองปัจจัยง่ายที่สุด แทนที่จะส่งข้อความถึงคุณหรือสร้างโดยแอพบนโทรศัพท์ของคุณ คุณกดปุ่มบน YubiKey ของคุณ แค่นั้นแหละ. อุปกรณ์แต่ละเครื่องมีรหัสที่ไม่ซ้ำกันซึ่งใช้ในการสร้างรหัสที่ช่วยยืนยันตัวตนของคุณ
Vaultumcity จำหน่าย Yubikeys ทั่วโลก คุณสามารถสั่งซื้อ Yubikeys ทางออนไลน์ได้ที่ https://vaultumcity.com เราส่ง Yubikeys ไปที่ประตูคุณโดยไม่เสียค่าขนส่ง
YubiKey ถือเป็นหนึ่งในเครื่องมือที่ปลอดภัยที่สุดสำหรับการตรวจสอบสิทธิ์แบบสองปัจจัย รหัสผ่านสามารถใช้สำหรับการลงชื่อเข้าใช้ การฝากหรือถอนเงินจากบัญชีของคุณหรือเป็นมาสเตอร์คีย์
ทำไม YubiKey ถึงมีราคาแพง?
การออกแบบ ปั้น การผลิต ขาย และสนับสนุนผลิตภัณฑ์ฮาร์ดแวร์นั้นมีค่าใช้จ่ายสูง แม้จะมีขนาดเล็กเช่นนี้ก็ตาม เนื่องจากคุณไม่ต้องการให้บริษัท 2FA ของคุณเลิกกิจการ การรู้ว่าพวกเขามีรูปแบบธุรกิจที่มั่นคงซึ่งสามารถช่วยสนับสนุนบริษัทได้จริง มากกว่าแค่การเผาเงินทุน
The shop that sells yubikeys is https://vaultumcity.com/product-category/yubikey/
Our delivers are from Singapore, distribute globally. Buying Yubikey in Vaultum to have best customer and after sales services. All Yubikeys sold at Vaultumcity are quality guaranteed. Please place a large amount order to have great discount for reseller.
Contact Vaultumcity at https://vaultumcity.com/contact/ whenever you have any issue with your yubikeys. Buying yubikeys at Vaultumcity to have best newest yubikeys free shipped to your door, FIDO2 U2F SECURITY KEY C NFC, FIDO2 U2F SECURITY KEY NFC, YubiKey 5 Nano, YUBIKEY 5 NFC, YubiKey 5C, YubiKey 5C nano, YubiKey 5C NFC, YUBIKEY 5Ci, YubiKey Bio – FIDO Edition. Yubikeys are best most secure tools for two-factor authentication.
Vaultumcity ship your yubikeys to your home in Thailand, especially in Bangkok, Chiang Mai, Phitsanulok, Phuket, Pattaya, Ubon Ratchathani and all other places, to help ensure your data is safe and secured.
Google YubiKey setup. You will be asked to plug in your device and press the button on it. Google confirm YubiKey- Do that. Your browser may ask for permission to access your key, but once you give that permission, you should get a confirmation that your key is set up. You can optionally give it a name, which is useful if you have multiple YubiKeys. Google YubiKey working. That’s it. You can now use your YubiKey to log in to your Google account on any device. Repeat this process for every account you want to lock down in this way.
A good password manager is the first step to online security, but not the last. When two-factor authentication (2FA) is available, you should use that with your online accounts, too. While the most familiar form of 2FA is a one-time-use code texted to your phone, the most secure version is a physical security key that serves that purpose instead. With a security key, nobody can get into the accounts where you set it up unless they have both your password and physical access to the key. The Yubico Security Key, which is available for both USB-A and USB-C ports, has the best combination of compatibility, usability, and security of any key we tested.
Although security keys are more secure than authenticator apps, they’re not the best choice for people who tend to lose things. Most people should have at least two security keys: one for everyday use and a backup key that can stay somewhere secure, such as in a safe, if you lose your everyday key. Some people may want additional keys for different devices.
We recommend having at least one backup security key to use in case you lose your main one.
Each Security Key model fits either a USB-A or USB-C port, and most phones support NFC, so the keys should work fine for most devices. Get whichever key fits into the port on your computer. If you need more options, such as Lightning for a physical connection to an iPhone (or certain models of iPad), or if you want thumbnail-sized keys that don’t stick out, go with the YubiKey 5 Series.
In some cases, experts suggest, programs and security keys that use open-source software, which allows anyone to review the program’s code, are more secure. All Yubico keys are closed source, but the company has built trust around its security practices in other ways, including internal and third-party security assessments of its code for every major release. When Yubico had a vulnerability in its YubiKey FIPS Series of keys (used by government agencies) in June 2019, the company replaced affected devices. It also proactively lists security advisories and mitigations on its website.
“It is harder to compromise a hardware token than a digital phone, because not everyone has perfect insight to everything that’s happening or going on in their phone,” said Drew Porter, founder and president of Red Mesa. “Most people don’t monitor everything that is happening on their phone, and therefore they can’t know whether their phone is compromised.”
You head to the website or app and then type in your username and password. The site or app asks you to connect your key. You do so by either plugging the key into a port on your computer or phone, or holding it near the top of your phone if it supports NFC. You trigger the key by tapping a piece of capacitive metal or clicking a button. Whether you’re going online to shop, bank, check your email, or use social media, you should be using multi-factor authentication to secure your accounts. Adding an extra layer (or layers) of security to your accounts makes it more difficult for an attacker to compromise them. The National Institute of Standards and Technology (NIST) recommends using some form of multi-factor authentication, and you may already have a second factor, such as receiving a one-time code via SMS messages or using an authenticator app like Authy.
How we picked and tested: An array of security keys, in a variety of sizes and colors, that we tested to find the best security key. A security key doesn’t need to have a lot of features to be useful, but one that’s designed badly can be difficult to use. Following are the features that we found through our research to be most important:
The best security key for most people is the Yubico Security Key, which comes in two forms: the Yubico Security Key NFC (USB-A) and the Yubico Security Key C NFC (USB-C). These security keys work with most devices, including phones and laptops. They feature all the security protocols necessary to work with a wide array of web services that most people use, including 1Password, Bitwarden, Google, Microsoft, and plenty more. Yubico’s documentation and support is the best we’ve seen, and the keys have proven durable over years of testing. Priced under $30, they’re affordable enough that you can buy a couple (which we recommend, so you have a backup) without spending too much, especially considering there’s no reason they won’t last for many years.
The Yubico Security Key can handle the majority of online accounts most people need, but the 5 Series supports a few protocols for most advanced uses.
In order to use any security key, you have to set it up and pair it with each individual online account. Setup on an account takes only a couple of minutes, but finding the right place to do so can require some detective work. Helpfully, Yubico’s documentation is extensive: In addition to a setup page, Yubico has videos and links to instructions for services that you might want to use your security key with, including a list (with visuals) of which key works with the program, information on security-protocol support, desktop and laptop platform support, mobile support, browser support, and any special offers. This documentation is far more comprehensive than what we’ve seen from the competition.
Yubico’s YubiKey Bio Series comes in both USB-C and USB-A models and features fingerprint recognition instead of a simple touch authentication. This design adds an extra security layer to your key since if someone steals it, they can’t use it. But with a price tag of $80 to $85, the Bio keys are not necessary for most people.
How to set up your YubiKey. Setting up your YubiKey isn’t that different from setting up app-based two-factor authentication. If you’re actually using a YubiKey (not another hardware authenticator), here’s what you need to do: Plug in your YubiKey. Head to Yubico.com/setup and click your device. Browse the list of supported apps and find what you want to secure. Follow the instructions. How this works is going to vary from app to app, but I’ll use Google as an example. Follow the instruction for Google, and you’ll find a link with instructions for adding your YubiKey to your Google account, which offers a link for adding your key.
The Yubico Security Key series supports a wide array of protocols and is compatible with most of the online services that people use, including Google, GitHub, and Dropbox. It’s available for USB-C ports as the Yubico Security Key C NFC and for USB-A ports as the Yubico Security Key NFC. These keys offer most of the same benefits as our upgrade pick, the YubiKey 5 Series, at a fraction of the price. After years of testing the Security Keys and keeping them on our keychains, we’ve found them durable and reliable. Yubico also provides the best documentation we’ve seen from any security key maker, and its excellent introductory experience eases the process for newcomers. The Yubico Security Keys don’t support more advanced protocols such as OpenPGP, smart card, and OTP, but if you don’t know what those protocols are, you probably don’t need them.
If you’re new to multi-factor authentication, here’s how the typical new-login process works when you’ve registered a security key with a website or app:
Determining which 5 Series key is best for you depends on which devices you own. Yubico provides a quiz to help you find the right key, but the breakdown goes something like this: YubiKey 5 NFC (also available in non-NFC nano form): The YubiKey 5 NFC has a USB-A plug and near-field communication (NFC) support, so you can use it for NFC-enabled devices such as most smartphones. Although we didn’t test nano-size keys for this guide, those models are better if you want to leave your key in the USB port of your computer. YubiKey 5C (also available in nano form): The USB-C–only design is compatible with Android phones as well as some newer tablets, desktop computers, and laptops. It is not compatible with iPhones.
YubiKey 5C NFC: With USB-C and NFC, this model is a good option if your computer has a USB-C port and you don’t need a Lightning connector. It works with most newer desktop computers and laptops, with some tablets (including several iPad models), and with Android and iPhone (over NFC).
YubiKey 5Ci: The 5Ci has two different sides, a USB-C connector and a Lightning connector, the latter of which is used by most Apple mobile devices. So this key is best for people reliant on Apple hardware, including iPhones, iPads, and laptops, though we preferred using the NFC keys over fiddling with this one; it’s still a good option if you have an iPad model with a Lightning port.
The 5 Series offers more port options and combinations than the selection from every other company, including Yubico’s less expensive Security Key line and Google’s Titan Security Keys, which don’t have a Lightning-port option for iPhone owners and instead rely on NFC. Although the 5 Series has wider compatibility with smartphone ports than other options, it still suffers from the same seemingly random quirks of the Yubico Security Keys. But even so, the 5 Series supports multiple protocols, including FIDO2, U2F, PIV, Yubico OTP, and OATH HOTP, which helps ensure that it’s compatible with as many services as possible in the future.
Security keys can be tricky to set up, so people without the patience to do so should stick to authenticator apps. But once security keys are set up and in actual use, we’ve found them to be much easier to use in practice than authenticator apps because there’s no wonky copy and pasting required, nor is it necessary to scroll through codes to find the one you’re looking for.
Support on mobile devices has expanded over the past few years, but we still encountered quirks with keys on both Android and iOS; for example, on both platforms, you can use a key to log in to Dropbox from your smartphone’s browser, but not the Dropbox app. We’ve seen improvements in other apps, though, such as Facebook, which now fully supports keys in its mobile apps, and Twitter, which will soon allow you to log in with just the key, no password needed. To compound the confusion, some apps and services might support a key when it’s plugged in but not over NFC. These sorts of mismatches can be annoying, especially considering that even when NFC is supported, you still have to hold the key close to your phone and cross your fingers in hopes that it registers. If you really dislike futzing around with NFC, the YubiKey 5 Series may be a better option.
“People do a lot of campaigns around phishing education and around teaching people to be careful about the URL bar in the browser, but it turns out we’re human,” said Yubico’s chief engineering officer, Christopher Harrell. “We have other priorities, and our attention is limited.” Security keys do the heavy lifting of making sure the sites you’re trying to log in to are authentic, so you don’t have to be as meticulous about noticing anything off. As an example, Porter noted that a lot of people mindlessly tap through “Did you sign in?” push notifications on their phones even when they shouldn’t, an issue that wouldn’t come up if they were logging in using a security key.
Security protocols: Since hardware keys are a security item, we dug into each company’s track record on previous recalls and looked at whether the company had a coordinated vulnerability-disclosure program to allow security researchers to report bugs.
Future-proof support for multiple standards: We focused on keys supporting the newest set of specifications, such as FIDO2. This means that they support more applications and websites, and it suggests that they are less likely to need replacing. Security keys typically have no moving parts and are durable, so you’ll probably use the same keys for many years.
Consistency and compatibility: We looked for security keys that worked as consistently as possible with each of the services we tested them with. We preferred security keys that came with a variety of connection options so they could work on both Android and iOS, as well as both Windows and macOS computers.
Setup and user experience: We wanted security keys that were easy to set up and use.
Customer support: We looked at the types of support each company offered, as well as how much documentation was available on its website both for setting up keys and for troubleshooting. We preferred companies that were well known and had been around for a while, an indicator of continued support in the future.
Portability and durability: We put the keys we tested through the type of wear and tear that can be expected over a normal day of use, including tossing them around on a keychain and dropping them into the bottom of a bag, and we looked for any parts that seemed as if they could easily snap or break off too quickly with use. We looked at whether the necessary components were well protected. Some companies also make smaller, “nano”-size keys that fit flush with your computer’s USB port. These designs are useful if you work only on a computer, but they’re a pain to use on mobile devices. Most people are likely to want at least one portable key with a keychain loop.
Security keys aren’t perfect. One research paper (PDF) showed how a hacker could clone some security keys, making it so that they could theoretically log in to any accounts protected by the original key. The attack requires physical access to the key, about $12,000 worth of equipment, and at least 10 hours, but it illustrates how even the most secure products can have issues. The researchers performed their attack on the Google Titan key but note in their paper that other hardware using the same chip may also be vulnerable; that group includes an older Yubico model, the YubiKey Neo, and several keys made by Feitian.
Like Yubico’s Security Key models, the 5 Series keys have proven resilient over our years of testing. After dangling on a keychain for a couple of years, they still work and look nearly brand-new.
How to set up and use a security key. To set up your security key, it’s best to start on a laptop or desktop, as some mobile apps won’t allow you to register a hardware key to your account on your phone. Once you register a key on your computer, it should simply work with your phone. As an example, here is how to set up a key with our favorite password manager, 1Password. The process is the same for any security key an app supports:
Flaws but not dealbreakers. For the most part, we found the experience of using a security key on both Windows and Mac laptops straightforward, but compatibility issues still affect certain browsers, and some software does not support keys directly, so you too might run into issues.
What happens if you press your YubiKey. Yes, this happens so often that we have a custom emoji for it. These codes are generated by OTP, which is one of the protocols that your YubiKey uses to connect to servers. You could stop this from happening altogether by turning off OTP, but that might break your ability to log in to some services. I think, for most users, it’s better to configure OTP to not trigger unless you hold the button for three seconds. This is a little complicated, but doable. YubiKey offers instructions for fixing this, but they’re kind of hard to follow, so here’s a summary.
Although it’s difficult to set up, the 5 Series also supports computer login on Windows, Mac, and Linux so that no one can access your machine without inserting the key after the system boots. Most other keys, including the Yubico Security Key models, can’t do the same.
If you’re looking for extra features and you’re comfortable tinkering around with more advanced settings in web apps, get a key in the Yubico YubiKey 5 Series. The 5 Series encompasses several models and is thus compatible with more devices than any other key, including Yubico’s Security Key line. The 5 Series has the same excellent Yubico video walk-throughs and setup instructions, and the keys themselves are portable and durable, though they cost nearly twice as much as our main pick.
Not all sites and services support security keys, but 1Password, Bitwarden, Dropbox, Facebook, Google, Microsoft, and Twitter do. To see which services offer security keys as an authentication option, look for a check mark under “Hardware Token” on the 2FA Directory site.
But when it comes to securing accounts and passwords, security keys offer the strongest layer of protection. A key provides an increase in security over just a password, and it can protect against specific types of phishing that try to steal two-factor authentication codes. Most people should use a security key for as many accounts that support it, and the keys in this guide should work for both personal and business accounts (unless you’re a government or regulated-industry employee, in which case you’ll likely have different keys, such as the Yubico YubiKey 5 FIPS Series).
On a day-to-day basis, you may not be required to use your hardware key all that often. Services often consider different risk factors to determine whether to require it. Some sites may ask you to insert it when you’re managing what kind of authentication you’re using, while others may ask you to use your key only when you’re logging in from a new computer.
To get started, download YubiKey manager on your computer. Install it, open the program, hover over Applications and click OTP. YubiKey Manager : You should see two slots for OTP: the Short Touch, in Slot 1, and Long Touch, in Slot 2. Click the Swap button, so that OTP shows up in Slot 2. Like this: YubiKey swap OTP slots. In some cases it won’t be this simple, but only if you’ve configured Slot 2 for some other purpose. You can read more on the YubiKey website if that’s you.
Yubico has videos and links to instructions for services that you might want to use your security key with, including a list (with visuals) of which key works with the program.
Is accidentally triggering my YubiKey in a chat room really bad? If you accidentally paste a code into something like Slack or a text editor, that’s not a reason to immediately panic—it’s not completely obvious who it belongs to or what it can be used to log in to (and, if you posted it on Slack, hopefully your coworkers aren’t trying to hack you).. Having said that, there’s always a chance a leaked 2FA code could enable a particularly creative hacker, so you don’t want to make a habit out of this. You’re also not helpless if it happens. Every YubiKey code is unique, and becomes invalid every time you use the device to log in to something. You can manually invalidate codes, if you’re worried. Just head to this website and paste the leaked code there. People accidentally post YubiKey codes …a lot. It’s an internal meme at this point. It’s funny, and probably harmless, but our security team set up an automated system to invalidate all such codes just in case. You can set it up if you want—click here to get started.
Yubico Security Key NFC (USB-A/NFC). Yubico Security Key C NFC (USB-C/NFC). YubiKey 5 NFC (USB-A/NFC). YubiKey 5C NFC (USB-C/NFC) . YubiKey 5Ci (USB-C/Lightning). YubiKey 5 Nano (USB-A)
YubiKey 5C (USB-C). YubiKey 5C Nano (USB-C). Even if you opt for a YubiKey as your primary key, consider one of the Security Key models as your backup to cut down on the cost. Prices are accurate as of November 16, 2021.
Although some of the extras in the YubiKey 5 Series aren’t things most people are likely to need every day, they are nice to have for anyone seeking the highest level of security. Most notably, the 5 Series can generate time-based one-time passcodes for up to 32 accounts, similar to how the Authy and Authenticator mobile apps work, but the credentials are stored on the key. This feature requires downloading the Yubico Authenticator app, and it works with services that support other authentication apps such as Authy. When you run into a site with software authentication but not key support, you can store those codes on the key. The Yubico app will then display those codes only if the key is connected, so even if someone managed to get your phone, they’d still need the key to access the authentication codes. None of the other keys we tested, including those in Yubico’s cheaper Security Key line, have this functionality. But using this feature puts the onus on you to save all the two-factor backup codes or to store credentials on a second key, so make sure you’re comfortable doing so.
The Yubico Security Keys meet FIDO2 standards and support U2F, WebAuthn, and CTAP 1 and 2, which makes them compatible with most web services that support security keys, including more forward-looking features such as Microsoft’s passwordless login. The standard Security Keys don’t offer some of the options for super-technical folks who might want to, say, put a GPG key in hardware, or for enterprise users who want a key that works with PIV smart cards for Active Directory, or for SSH or S/MIME. If you aren’t familiar with those terms, you’re unlikely to miss the advanced features of the more expensive 5 Series.
The keys were still usable after we ran them over and put them through the washing machine. Most of Yubico’s full-size keys are water resistant and crush resistant. Like other keys we tested, both the Yubico Security Keys and the 5 Series held up well for us in our regular testing, and they still worked fine after we ran them over with a car and put them through a cycle in a washing machine. All of them were easy to carry around on a keychain, too. After more than two years of use, the keys hanging on our keychains still look nearly brand-new and continue to work. They had the same durability results in tests conducted by Freedom of the Press Foundation digital security trainer David Huerta.
Easy to migrate. Did you get a new computer? Just unplug your YubiKey from the old one, plug it into the new one, and you can log in to all of your apps, same as before. You can also use one key to log in to your account on multiple computers. I’ve found the process to be much easier than migrating other 2FA. Really hard to hack. It’s relatively easy for hackers to compromise your email or SMS. It’s a lot harder—close to impossible with current technology—to fake the codes generated by a unique hardware device. Again, there’s a lot more nuance here, but these are the broad advantages of the YubiKey over other forms of 2FA.
Log on to your 1Password account from your browser > Click your profile in the top right and select My Profile > Click More actions and select Two-Factor Authentication. > Select Add Security Key, name the key, and click Next. > When prompted, insert your security key and tap the button or gold disk. > You should see a notice saying “Your security key was registered.” > When you’re done, repeat the process with your backup key. You should also set up an authenticator app such as Authy if you haven’t already, in case you run into an instance where you can’t use your key on a mobile device. The process is more or less the same for other supported services. Once the key is enabled, it should work automatically with your smartphone if the two have a physical connection. On Android and iPhone handsets, you can log in using an NFC key by holding it to the back of your phone until the phone stops buzzing.
At $25 and nearly $30 for the USB-A and USB-C models, respectively, the Yubico Security Keys are cheaper than Google’s similarly styled Titan Security Keys and nearly half the price of most models in the Yubico YubiKey 5 Series. The Yubico Security Keys lack the nice-to-have features of the 5 Series, such as multiple connection options, computer login, and support for time-based one-time passwords on the Yubico Authenticator app. But most people don’t need those extra features enough to justify the increase in price for a 5 Series model.
Yubico’s Security Key series offers strong account security and excellent documentation for newcomers. It’s available for USB-A and USB-C ports (and both versions work with NFC devices such as phones), but it doesn’t support advanced protocols that some accounts may require, so it’s less future-proof than our upgrade pick.
The Yubico YubiKey 5 Series supports a wider array of security protocols than the Security Key series, which makes it compatible with more online accounts. Compared with nearly every other security key, the 5 Series also offers more connection options, including USB-A, USB-C, USB-C with NFC, and a dual-headed USB-C and Lightning-port model. They also come as thumbnail-sized nano keys meant to live in your computer more permanently, in contrast to the standard key shape, which sticks out of the port. Over years of testing, they’ve proven to be as durable as the Security Keys, and they have the same excellent documentation. The YubiKey 5 Series models can be more than twice the price of the Yubico Security Keys, but their robust compatibility with more devices and accounts makes them worth the higher price.
Four security keys side by side that we tested to find the best security keys.
Looking at a Security Key and a 5 Series key next to each other, most people wouldn’t know the difference between them.
The YubiKey 5 Series is more expensive than competitors, and some versions are twice as expensive as the basic Yubico Security Key. But for many people, it’s worth the high price because it’s future-proof and it adds nice-to-have extras.
Multi-factor authentication works by requiring the presentation of multiple layers of evidence, or factors, before allowing access to an account. What the factors are can vary, but they generally fit into one of three categories: something you know (such as a password or PIN) or something you have (such as a security key or phone) or something you are (biometrics such as a fingerprint reader, face scan, iris scan, or voice recognition). Security codes sent by text messages have their own set of issues, and while authenticator apps are preferable to SMS, security keys provide the strongest protection against phishing attacks. For example, if you were to tap on a spoofed website link sent to you in a text message, an attacker controlling that site may get your username, password, and authentication code after you type it all in—but that can’t happen with a physical key. Plus, security keys are easier to use at a computer than fussing with your phone. Some security keys, including our picks, also support “passwordless login,” where you don’t even need a password, just the physical key itself, to login. The most notable company that currently supports this type of login is Microsoft.
Can I use one YubiKey with multiple devices? Yes! Just plug your YubiKey into any computer and log in the way you normally would. That’s really it—you’ll be able to log in to all of your accounts, same as before. You can use your YubiKey to log in on as many devices as you want, so long as there’s a slot for it. This is nice if you own multiple devices, and also nice when you get a new computer.
Additionally, the security key ecosystem has some rough edges. Not every type of key works seamlessly on a mobile phone, for example, and some apps revert to authenticator apps in some circumstances.
We recommend having at least one backup security key to use in case you lose your main one. With most services, you can register multiple keys, which you should do in advance; that way, if you lose your main key, you can log in with a backup. If you don’t have a backup, in some cases you could be locked out of an account. Different sites have different recovery mechanisms, including authenticator apps, SMS-based recovery keys, and backup codes (one-time recovery codes you can store somewhere).
What if I lose my YubiKey? It’s not great. Without your YubiKey you probably won’t be able to log in. But there are a few things you can do to reduce the risk. Most services that support 2FA (including YubiKey) allow you to create backup codes. Make sure you do this, and that you keep the codes somewhere secure—ideally offline. Consider printing them and putting them in a lockbox, if you can. You could also add some other kind of 2FA to any service you set up with your YubiKey, as a fallback. This could be app-based verification, or you could buy a second YubiKey, add it as an option for all of your services, then store it somewhere safe (a different lockbox than the one your backup codes are in, maybe?). If you don’t have backup codes or a second 2FA method, and have already lost your YubiKey, you’re not necessarily out of luck. Most services that offer 2FA have some kind of verification process for logging in after losing your credentials, but be warned: it’s going to take a while, and it’s going to be a lot of trouble. It’s far better to be prepared, so make sure you have backup codes somewhere secure or a second 2FA method set up. Also: make sure to remove your lost YubiKey as a 2FA method after you regain access to your account. Odds are whoever finds your YubiKey won’t know which accounts it provides access to, but better safe than sorry. To clarify: your Yubikey doesn’t store identifiable usernames and does not store any of your passwords. Anyone who finds your YubiKey would have absolutely no way of knowing which accounts it can log in to. This changes a little if the person who “finds” it knows it’s yours—say because they stole it from your house or office. But anyone who finds a YubiKey on the street, or in an airport, won’t be able to figure out whose key it is.