The 5 Best Hardware Security Keys for Online Protection
The authentication method we’re most familiar with involves a username and a password. But passwords pose several problems, even if you enact good password hygiene practices.
For starters, we aren’t good at remembering passwords and even worse at creating strong ones. Secondly, most users tend to reuse the same password for multiple accounts. So, if one account is compromised, the rest of the accounts are at risk too.
To counter these risks, we suggest using a hardware security key. But with so many security keys available, picking the right one can be tricky. So, here are the best security keys we could find in the market.
1. YubiKey Series
Yubico is the industry leader when it comes to hardware security keys. The company offers security keys that cater to a wide range of users, from individual home users and developers to businesses and large enterprises. Some popular YubiKey versions include:
YubiKey 5 NFC
YubiKey C Bio
YubiKey 5 Nano
2. Kensington VeriMark
TheKensington VeriMark fingerprint keyuses biometric technology with 360-degree readability and anti-spoofing protection. It supports up to 10 fingerprints so that multiple users can log into the same device.
The compact scanner with a dongle form-factor is built with portability in mind. It measures only 1.2 inches length-wise, so you can attach it to a keychain without feeling its weight. You can even leave it connected to your laptop as you slip it into a bag during a commute.
The Kensington key supports many protocols and works well with cloud-based accounts like Dropbox, GitHub, Facebook, Google, and more. On the flip side, it lacks NFC support and compatibility with macOS and Chrome OS.
3. Google’s Titan Security Key
TheTitan keyis Google’s version of a physical security key for newcomers who want to protect their accounts withmulti-factor authentication. It offers USB-C and NFC support, so you can be sure it will work with just about any device.
Although the key doesn’t read fingerprints, you can tap the center to confirm when logging into sites. It supports the FIDO U2F protocol, which is an older protocol and puts the Titan key at a disadvantage compared to other hardware security keys.
Google’s Titan key doesn’t support biometrics, unlike the Kensington VeriMark key or YubiKeys. But thanks to this, the Titan doesn’t need any set-up. To use the key, all you need is to navigate to a site that supports hardware keys, add the Titan key to your account, follow the directions, and you’re good to go.
4. CryptoTrust OnlyKey
TheCryptoTrust OnlyKeyhas some unique features that its competitors lack. Starting with the design, the OnlyKey offers an onboard keypad designed to bypass keyloggers. Since you enter the characters of your password from the key itself, your accounts are safe even if the device or website is compromised.
you’re able to even protect your passwords with an additional PIN, which makes OnlyKey a proper multi-factor authentication device. It also includes a password manager and other features like self-destruct and encrypted backup. The self-destruct feature protects you against brute force attacks as it wipes your device after many incorrect attempts.
The CryptoTrust OnlyKey is a bit bulkier than its competitors and has a clunkier interface. While it isn’t a major dealbreaker, it may put some users off.
5. Apple Passkeys
Passkeys is Apple’s version of the security key to ensure a fast and secure authentication method. This new authentication technology relies on Touch ID and Face ID to authenticate users without having to enter a password. While this feature doesn’t involve a USB stick, it relies on your device to authenticate. Here’show Apple’s Passkeys work:
Once you enable the feature for a website or an app, the passkey will be stored on the computer or phone you used to set it up. You can sync it across all your devices usingiCloud Keychain. And when you want to sign in to a non-Apple device or a computer you don’t even own, you can scan a QR code with your iPhone to complete the authentication process.
Apple’s Passkeys login method will be available starting with iOS 16, iPadOS 16, and macOS Ventura. It will protect users against phishing attacks by eliminating the use of passwords.
Since this technology is still in its early stages, it’s unlikely that websites and apps will force users to use passkeys right away. They will be used alongside passwords initially but are bound to go mainstream in the future.
Are Hardware Security Keys Worth It?
Hardware security keys aren’t perfect. Not all sites support them, and they can be tricky to set up. They are also not ideal for users who tend to lose things.
But security keys are still safer than the traditional MFA methods. SMS-based recovery codes are prone to SIM jacking attacks, while authenticator apps have their own issues. Hardware-based security keys are much easier to use and provide better security in comparison.
We recommend using at least two physical security keys; one for daily use and a backup key that you could use in case you lose your everyday key.
Are you ready to say goodbye to traditional username and password combinations? Apple might just have the answer.
I gripped my chair the entire time—and then kept thinking about it when the screen turned off.
Don’t let someone else take over your phone number.
Quality apps that don’t cost anything.
You can’t call this offline, Notion.
Tor spoiled me forever.
