How should I choose a security key?


In a growing market of security key's manufacturers, its becoming a tuff thing to choose one between a lot of different products.

d10811375473d0dd7635e89bc87d53e5c36bbc8da22ae2d4a6f541f486e39f8e.png

(First an USB security key; Second an USB + NFC security key; Third an Bluetooth and NFC security key)

Before choosing your security key, you must answer some questions. I'll try to simplify the process for those who wants to buy a security key but does not have an idea on how doing so.

At the time of this post, we've some manufacturers in the market. They are Yubico, Feitian, Kingston and Thetis, besides some hardware wallets like Ledger and Trezor which has compatibility with the FIDO[2] protocol.

Hardware wallets are way too more expensive than security keys, so in many cases people would choose only the security keys.

Yubico and Feitian are the best sellers in the market, being the top manufacturers. Yubico is far the most compatible device with the services that allow 2FA methods supporting FIDO. There're a big list of services compatible. You can check yourself on the following link https://www.yubico.com/works-with-yubikey/catalog/

Feitian is a giant tech company, producing not only security keys but many other devices like OTPs, Smart Cards, etc. It may work with many services, but till now, it's still not compatible with Microsoft services, like outlook.com, etc. So, its important to check the services you're registered which key are compatible/supported.

If its your first security key, it would be important to buy a FIDO2 key, which would be compatible with most services.

Other important factor you may think about is the connectivity of the key. Most of 'em uses USB connection, but there're some available with USB type C connection and even with lightning. And most important, there're some with built in wireless module communication, like BLE (Bluetooth) and NFC (Near Field Communication). Its important because it fits perfectly with our era of the mobile devices such as smartphones. Its important to check if you OS is compatible with the key. It important because not all devices are iOS compatible.

b190515723ff243d6acbb814ae547728ca12b64e4657d3d0f0caf7e701daca12.png

So, basically there're 3 important things: [1] Connectivity of the security key (USB and/or wireless communication); [2] Compatibility with the services you use and [3] Price of the keys.  [Note: not necessarily in this order.]

Of course we cannot forget about the costs of the keys, which is influenced by its connectivity and technology (FIDO or FIDO2, for example). The cheapest keys of the manufacturers written down above starts from US$20. But it has just the USB connection. Its important to consider buying a key with NFC and/or Bluetooth connection for mobile use.

***The last important thing is to have a backup key, which means you may buy 2 devices in case of losing or crashing the key. If you have a computer/notebook, you may consider buying for the backup key the cheapest one with just USB connection.***

For a better view of the compatible services with 2FA, check the website https://twofactorauth.org/

How do you rate this article?

0


Bandeirante Digital
Bandeirante Digital

Addicted for security, mainly digital security, my goal is to spread knowledge over the world about digital security, finance and digital investments.


bandeirantedigital
bandeirantedigital

Blog with content related to finance, digital investments and digital security

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.