How to use a two-factor security key
0Reported today on The Verge
For the full article visit: https://www.theverge.com/22458935/two-factor-security-key-how-to-yubico
Reported today in The Verge.
How to use a two-factor security key
Two-factor authentication is a good way to add an extra layer of security to online accounts. It requires the use of your smartphone, however, which is not only inconvenient, but can be a problem if your phone is lost or breached. Hardware security keys can offer an additional layer of security to password-protected online accounts and, in turn, your identity. They're also not hard to install. Here's how to set them up for your Google account, Facebook, and Twitter.
Security keys can connect to your system using USB-A, USB-C, Lightning, or NFC, and they're small enough to be carried on a keychain (with the exception of Yubico's 5C Nano key, which is so small that it's safest when kept in your computer's USB port). They use a variety of authentication standards: FIDO2, U2F, smart card, OTP, and OpenPGP 3.
When you insert a security key into your computer or connect one wirelessly, your browser issues a challenge to the key, which includes the domain name of the specific site you are trying to access. The key then cryptographically signs and allows the challenge, logging you in to the service.
Many sites support U2F security keys, including Twitter, Facebook, Google, Instagram, GitHub, Dropbox, Electronic Arts, Epic Games, Microsoft account services, Nintendo, Okta, and Reddit. The best thing to do is to check the website of your security key of choice and see which services are supported - for example, here's a link to the apps supported by YubiKeys.
A setup process is necessary before you can use a security key. After that, securely accessing your online profile on a site is a simple matter of entering your password, inserting the key, and tapping the button.
Keep in mind that you can't copy, migrate, o