LASER_oneXM

Level 33
Verified
YubiKey offers a faster and more convenient alternative to text-messages or authenticator app two-factor authentication

Looking for a quick, easy, and affordable way to protect your Google account, Facebook, GitHub, Dropbox, Salesforce admin account (and much more)? Or maybe you're looking for a way to harden your Mac or Windows login credentials.
Take a look at the YubiKey.
Pros:
  • Cheap (with prices starting at $20)
  • Far less hassle than using text messages or a third-party authenticator app, and speeds up logging into accounts on new devices
  • Broad browser support: Chrome, Opera, Firefox, and Edge supports FIDO2/Webauthn
  • The keys don't require recharging or battery changes
  • Without your username and password, even if it is stolen, it's useless to a third-party
  • Easy to use (if you can figure out two-factor authentication, you can figure out how to use YubiKeys, and if you get stuck, there are some good instructions available to guide you)
  • Keys are incredibly robust and totally waterproof (one of mine lives on my keyring and gets bashed about a lot, the other I wear around my neck on a chain most of the time)
  • Pretty indistinguishable from USB flash drives so the keys don't attract unwanted attention
  • Scalable (customization tools and custom programming options available for business)
  • Support for Open PGP encryption and code signing
  • Offers an easy way to secure Windows, Mac, or Linux systems
Cons:
  • Ideally, you need two keys in case one gets lost, stolen, or damaged in some way.
  • There are big gaps in services that support FIDO U2F (for example, no support for Yahoo!, PayPal, banks, and so on -- come on folks, get your act together!)
  • Some of the documentation can be a little intimidating at first