• chevron_right

      The Best Hardware Security Keys of 2023

      GadgeteerZA · news.movim.eu / gadgeteerza-tech-blog · Saturday, 28 October, 2023 - 09:11 · 1 minute

    A hardware security key makes your online accounts even more secure. When you sign in, you'll have to plug in your key and press a button---or touch it to your phone. They work on websites like Google, Facebook, and many more.

    If you've been on the internet, then you've probably heard of two-factor authentication, usually abbreviated as 2FA. Typically, 2FA involves receiving a code you have to insert after you enter your password correctly. You can receive this code either through an SMS message, an email, or an authenticator app.

    These solutions can have problems though, especially since SMS messages can be intercepted through SIM-swapping attacks, emails can be broken into with social engineering, and authenticator apps lose their value if your phone is stolen or you forget it somewhere.

    This is where security keys come in. Using Multi-Factor Authentication, or MFA for short, means using more than just one authentication vector, so 2FA is part of MFA.

    Where physical security keys shine is that they don't have the issues stated above regarding interception or breaking in. Of course, they can be stolen, but some keys have biometrics in them or require another PIN, making it a true MFA key so that even if it's stolen, people can't hack into your accounts.

    The linked article goes into a bit more detail about what to look for in a hardware key, and it provides some comparisons of what the most popular keys offer. I did not even know about the open source option one.

    Because security is a bit more serious with the hardware key option, you can (hopefully) expect the service not to just issue a new password reset via e-mail if you lose your key. For this reason, it is vitally important you note down any backup codes for that key - preferably also written on a piece of paper and stored in a safe. I do this not only for me to regain access to any accounts, but also in case anything happens to me, that my family can access it in a usable form.

    See https://www.howtogeek.com/785677/best-hardware-security-keys/

    #technology #2FA #security