Yubikey - The Perfect Hardware Key Guide

Hi there ladies and gentlemen!

Today we will be talking about a cool security hardware and I have been waiting for a long time to get my hands on it and share it with many of my followers and of course my friends and colleagues.

What is that, you ask?!

Yubikey, which is a little portable device for your own security. Why is it better than traditional virtual 2FA authentication?

Features

There are a lot of features that make Yubikeys more secure and convenient for anyone, nevertheless, of the area they work in.

• Faster authentication than opening your phone and looking for Google Authenticator, Authy, and all these messes.
• No remote hacks since it's physical. Trust is always better when there is actual interaction.
• Data isn't shared in any way in the cloud, it's all on your physical device
• Dropped it accidentally in your pool? Please... Water and crush-resistant; no network connection or batteries are required.
• Supported by many companies you use daily (Gmail, Facebook, Youtube, ProtonMail, Cloudflare, Twitter, etc. (see the full list here)

Wonder how you will plug this into your phone?

• No worries, there are plenty of ways to authenticate, for example, USB-A, USB-C, Lightning, and even wirelessly with NFC.

Supports many security methods:

• WebAuth, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F), Smart card (PIV-compatible), Yubico OTP, OATH – HOTP (Event), OATH – TOTP (Time), OpenPGP, Secure Static Passwords

These sounds all great, but Marcell, what happens if you lose your key? Well, this is the only downfall here. Just like with your house/home key, you always want a spare or so-called backup key.

Yubikey works with anything, Windows, Mac, Linux, and ChromeOS. Even when you access your hardware remotely such as a VPS or Dedicated Server.

Additionally, if a website doesn't support full authentication, you can still use the OTP (One-Time Password) authentication from your computer and just copy and paste. So much faster than opening your phone, and the app and typing it with your hands.

How does it work?

Let's say you visit Google, visit your security settings, and choose the Hardware Key as an option, then add your key (make sure to also add your spare/backup key).

Once you add it, during login, you will be asked to plug in your Hardware Key (if you want, you can of course keep it plugged in), and then depending on your setup, you either just have to tap the device and/or input a pin code, then you are in. That's it.

This applies about the same for mobile phones, whenever the website/app requires the hardware key, grab your supported Yubikey and put it near your phone, then the NFC does its job or if you have a Type-C/Lightning Key, just plug it in. As simple is this.

Price

Well, I am not saying it's for everyone, a fully featured Yubikey costs about 65 EUR, plus your backup key. However, in my opinion, if you pay to not lose your data and have better security, it really does worth it.

Overall

Can't express how many people, I have suggested this device since it is a much faster and safer way to authenticate. Having 2FA authentication can be a bit of a pain these days, but not with Yubikey, it saves you time and there is no more valuable thing in life than time.