- Feb 4, 2016
- 2,520
YubiKey offers a faster and more convenient alternative to text-messages or authenticator app two-factor authentication
Looking for a quick, easy, and affordable way to protect your Google account, Facebook, GitHub, Dropbox, Salesforce admin account (and much more)? Or maybe you're looking for a way to harden your Mac or Windows login credentials.
Take a look at the YubiKey.
Pros:
Cons:
- Cheap (with prices starting at $20)
- Far less hassle than using text messages or a third-party authenticator app, and speeds up logging into accounts on new devices
- Broad browser support: Chrome, Opera, Firefox, and Edge supports FIDO2/Webauthn
- The keys don't require recharging or battery changes
- Without your username and password, even if it is stolen, it's useless to a third-party
- Easy to use (if you can figure out two-factor authentication, you can figure out how to use YubiKeys, and if you get stuck, there are some good instructions available to guide you)
- Keys are incredibly robust and totally waterproof (one of mine lives on my keyring and gets bashed about a lot, the other I wear around my neck on a chain most of the time)
- Pretty indistinguishable from USB flash drives so the keys don't attract unwanted attention
- Scalable (customization tools and custom programming options available for business)
- Support for Open PGP encryption and code signing
- Offers an easy way to secure Windows, Mac, or Linux systems
- Ideally, you need two keys in case one gets lost, stolen, or damaged in some way.
- There are big gaps in services that support FIDO U2F (for example, no support for Yahoo!, PayPal, banks, and so on -- come on folks, get your act together!)
- Some of the documentation can be a little intimidating at first