Search the Community

One of the best aspects of this forum is the ability to ask a question and get honest, simple, down-to-earth answers that are informative and easy to understand. For years I've seen references to physical security keys like Yubi keys. I've always been big on security. I use 2-factor authentication anywhere it's offered, even if many sites employ it in a way that makes it inconvenient and cludgy. Based on what I've read it seems that Yubi-type keys provide the same basic security that 2-factor does. The key is registered to you (somehow) and the fact you have it in your possession and can plug it into your USB port proves you are you. Looking closer I see there are a couple of different standards, U2F and FIDO2 appear to be the most common. That's pretty much what I know about these things. So, my questions... Are they really useful? Is using a key more secure than having codes sent to your phone? How do you employ these if you're logging in from a phone or non-USB tablet? Can they be used at work, using different credentials, or do you need a separate key for each account? Is there value in spending $20-50 for a replacement for text codes? Any other info or opinion welcome.