Jump to content

Jeber

Recommended Posts

One of the best aspects of this forum is the ability to ask a question and get honest, simple, down-to-earth answers that are informative and easy to understand.

 

For years I've seen references to physical security keys like Yubi keys. I've always been big on security. I use 2-factor authentication anywhere it's offered, even if many sites employ it in a way that makes it inconvenient and cludgy.

 

Based on what I've read it seems that Yubi-type keys provide the same basic security that 2-factor does. The key is registered to you (somehow) and the fact you have it in your possession and can plug it into your USB port proves you are you.

 

Looking closer I see there are a couple of different standards, U2F and FIDO2 appear to be the most common.

 

That's pretty much what I know about these things. So, my questions...

 

Are they really useful?

Is using a key more secure than having codes sent to your phone?

How do you employ these if you're logging in from a phone or non-USB tablet?

Can they be used at work, using different credentials, or do you need a separate key for each account?

Is there value in spending $20-50 for a replacement for text codes?

 

Any other info or opinion welcome.

Link to comment
Share on other sites

  • 3 weeks later...

I've had a YubiKey for a decade now. I just bought the latest version with newer 2FA support.

 

I believe they have an NFC version of the YubiKey for phones and tablets (not for iOS, though).

 

I used to use it with OpenID and had my personal website be the authenticator of my identity. That was a cool setup. Unfortunately, almost nobody uses OpenID

  • Like 1
Link to comment
Share on other sites

securitybreach

That's very cool Peachy. My poor website has had a place holder for years now. I really should do something with it.

 

Do not get me wrong, I stay connected to the host machine and use it all the time but the website and domain are not getting used any.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...