Monday, February 20, 2017

Yubikey, U2F and protecting your accounts.

Setting up 2-factor authentication is an important step to keeping your online accounts safe.  For many people, this comes in the form of having an additional code that must be entered in addition to their passwords such as those that is sent to their phones through SMS or using an app like Google Authenticator.

Admittedly, this additional security comes with an additional inconvenience of needing to have your phone nearby and looking up the code which probably turns off a lot people.  To simply the process, Google, Yubico and some partners developed Universal 2nd Factor (U2F) which is now handled by the FIDO Alliance.  This open standard uses an hardware key that you insert into the computer's USB slot (or using NFC) instead of typing a code.

Google, Facebook, Dropbox, Github and a host of other services now support this.  The keys can be purchased from Amazon and ranges from $18 to $50 depend on the features you want.  For primarily Fido/U2F support, only the $18 Yubikey is needed.

The most basic Yubikey is enough for Google, Facebook, Github, Dropbox and many common web applications.

This Yubikey supports NFC and a number of other security mechanisms such as storing ssh keys, passwords, etc.

This tiny Yubikey is meant for be left in the computer's USB slot and you touch it to authenticate.  This is useful for machines that you feel is physically safe from phishers and other people trying to steal your accounts.

These keys really reduces the inconveniences of 2-factor authentication and are super easy to use.  I just wish more companies (especially financial institutions) adopt their use.

No comments:

Post a Comment