It costs only $20, and it’s compatible with any services that support U2F and FIDO2. For something more economical, you can try the brand new Security Key for USB-A ports. You can also plug it into USB-A ports on your PC or other devices.
For Android users, there's the NFC-compatible YubiKey Neo for $50 that lets you access your online services on your phone. The full-size YubiKey 4 Series ranges from $40 to $60 and comes in versions for USB-A ports or USB-C ports. There are key-shaped models that attach to your keychain, and “nano” models, designed to be less awkward when plugged into a laptop. Made by the company Yubico, which helped draft the open U2F and FIDO2 standards, the keys are durable, water-resistant, and battery-free. If you receive one from us, you may wonder how to use it.
Also (full disclosure!) we started giving away YubiKeys to new WIRED subscribers as free gifts earlier this year. We’re concentrating on the YubiKey here simply because it's the most popular option, but you can use the instructions below with any key that supports U2F and the similar FIDO2 standard. There are several models of U2F key to choose from all of them look like variations on a compact USB stick. A hacker might find a way to snoop on your passwords or intercept a six-digit 2FA code while it’s being sent to your phone, but they’d be hard pressed to snatch an actual key off your keychain. These little key-shaped fobs plug into your computer and, along with your password, complete the second half of a 2FA web login. The best way to set up two-factor authentication is to use a secure app on your phone to generate those six-digit codes or to carry a piece of hardware that can verify your identity.Ī device like the YubiKey is just that sort of hardware.
Combined with a strong passphrase like those generated by password managers such as 1Password or LastPass, a 2FA login is quite effective at verifying your identity.īut no matter how strong a password is, or what level of code-based authentication a website is using, any system that sends codes in a text message can be compromised from afar by a skilled attacker. When a unique scramble of numbers shows up on your phone, you type them into the browser along with your password at the login screen. One of the more common 2FA methods in use today employs six-digit passcodes that are sent to your phone via text message. This protocol-commonly abbreviated as 2FA-requires you to type in a password and also provide one other piece of proof that you are who you say you are before you can log in to a service. One of the most important steps you can take to secure your online services is setting up two-factor authentication. As we become more dependent upon online platforms for social and professional purposes, it grows increasingly important that we embrace stronger online security measures.
0 kommentar(er)
