Article Summary
Whether you're brand new to online security or you're an expert, we'll explain how a YubiKey can help you improve your cyber security.
- A YubiKey is a physical authentication key that is used as a second factor authentication method for websites and password managers
- The YubiKey also stores a unique password to add an additional layer of security as you log into your computer or laptop
If keeping your information safe from potential threats is one of your top priorities, then this guide is for you. Below, you will learn the ways in which you can easily integrate a YubiKey into your daily digital security practices to keep your data safe and secure.
Online Account Security: The Basics
First things first, if you're completely new to online security, then you'll want to ensure that you're starting off on the right foot. You can do that by creating strong and unique passwords for each of your accounts. If you need help, we have a guide on creating strong passwords for you. Once you've created the perfect password for your accounts, you'll need to enable two-factor authentication—which is where the YubiKey comes in.
How Does Two-Factor Authentication Work?
Two-factor authentication combines something you know (your password) with something you have (a telephone number, a real-time code generator, a code list, or a Fast Identity Online "FIDO" security key AKA, a YubiKey).
Once your chosen second-factor is verified, you are granted access to your account.
For the average user, any of the two-factor options will be "sufficiently" secure. However, there is strong evidence to suggest that using your telephone number as a primary second-factor authentication method is not a good idea. In fact, any security measures that rely on a system that can be remotely operated is fair game for hackers. Here are just some of the common second factor authentication methods and their vulnerabilities:
- Phone Number: Through an SMS attack, number port scam, or (very rarely) a SIM clone—someone can remotely gain control of your text messages, spoof your number and authenticate your accounts.
- Password Managers, Authenticator Apps, and Code Lists: Someone can hack into your physical phone, computer, or laptop via popular hacking methods such as text/email malware or man-in-the-middle attacks. At that point, the hacker can gain full control of your digital data—authenticator apps, password managers, and code lists included.
Since those methods are vulnerable, the FIDO security key is the only second-factor authentication method left, but is it as secure as we hope? The simple answer is: it's more secure than the other available options. I have found some definitive bugs and weaknesses in the use of security keys, but if you use them appropriately, they'll offer you more security than the other options.
What is a FIDO Security Key?
A FIDO security key is a small device which authenticates your online accounts via the generation of two unique codes (public and private) which prompt you to verify your physical proximity to the key itself via a finger tap on the key in order to grant you (and only you) access to your accounts. On top of that, the codes that the key generates are regenerated every 30-seconds, so you know that there will never be enough time for a hacker to gain access to those codes and use them to access your data.
In simple terms: it works by placing the device into your computer or by waving it in front of your smartphone. Once its presence is identified by the account, you will be prompted to touch your key. Once touched, the key will send a message to your account, verifying that it's actually you who wants to gain access to the account. Your account will then be unlocked.
FIDO Security Key Features
- Ease of Use
- Unlike having to scramble for a code or a text message, you're merely touching the key that has been installed into your computer and you're in.
- U2FA
- Universal Two-Factor Authentication (U2FA) allows you to create a second layer of security (beyond a password) that is impossible to hack remotely.
- Fully Integrated
- Many security keys have been designed to fully integrate with password managers and other online services, just ensure that the one you buy is compatible with your favorite websites.
- No Risk
- If you lose your security key, the person that has it will still need to know your password to gain access to your accounts. More, you can easily disable the key's access in each of your accounts' settings once you realize it's gone. Doing so renders the key completely useless. For this reason, you should keep a backup security key in a safe place.
- One Time Password
- Many FIDO security keys have one time password capabilities. That way, when you sign into your device, you don't even need to type in your password.
How to Secure Your Accounts with a YubiKey
Before you buy your FIDO security key, ensure that it is supported by your desired account's security features. Because the security keys are growing in popularity, more and more companies like Facebook, Dropbox, and LastPass support them.
Setting up Your Security Key
- Access your account's sign-in and security page
- Select 2-Step Verification
- Select and setup your security key as the default 2nd-Step
- Once done, test your key
- IMP: Register and test a second key as a backup
- Reevaluate your other 2-Factor methods - possibly regenerate another one time use code list after you know your account is secure and keep the codes in a safe place
After that, you should be able to sign into your account, place your key into your computer (or wave it near your smartphone) and you will gain secure access into your account. Ensure that you place your backup key in a (very) safe place.
How a YubiKey Could Improve Your Cyber Security
While there are several great security key options on the market today, I chose to go with the YubiKey by YubiCo. Read the following on what I did to secure my accounts and devices with my YubiKeys to get the best idea as to how you can implement it into your digital life as well.
How I Use My YubiKey
- Laptop Login
- Static password or security challenge laptop login.
- I registered a static password on my YubiKey to access my laptop but I suggest that you setup a security challenge instead.
- If you do register a static password on your key, then make sure to add the password to a backup key as well, write it down, and keep it somewhere safe. I did discover that the static password (really) only works when you wake your device from sleep mode, otherwise you're forced to manually enter it into your device upon each restart.
- Phone Number
- I have removed my phone number from every single account and added the YubiKey in its place. On top of that, I opened an additional Voice over Internet Protocol (VoIP) account to protect my private number from SMS vulnerabilities.
- The VoIP account is protected by my YubiKey and has built-in malware protection as well.
- Password Manager
- My YubiKey is supported by my password manager, which I use so I don't have to remember unique (and long) passwords for my accounts. To beef up my password manager's security, I use the key as a second factor authentication method.
- Online Accounts
- Facebook, Amazon, and many other major online platforms now support the YubiKey. If not, then I use my VoIP phone number which is supported by my YubiKey to protect my accounts.
While the measures I've taken to secure my accounts might seem extreme, all you really need to do is register your key(s) once - then tap the key each time your accounts prompt you for verification. As stated before, it's actually easier to use the key than it is to type in a code from a generator app or text message.
Secure Your Home Internet
To protect your online security you will need to protect your connection itself as well. If you're still using the WiFi password written on your router or modem, you'll need to fix that right away. All you have to do is log in to your internet provider's account portal and create a stronger password. You can save this password in a password manager that's protected by your new FIDO security key and it will auto-populate your data for you from then on.
More, while you're in your account, you should set up a Guest Password for your home WiFi access. This allows you to limit access to critical network data that could be compromised if it ever gets into the wrong hands. It's also a great way to create a super-easy password that you can readily give out to your visitors.
Finally, as you choose an internet plan, ensure that you go with a reputable internet provider that includes important security features that will actively protect you and your family's private information. Take a look at our list of providers below and read about their free security features before you select your next internet plan.
|
#1
|
Kinetic
100 Mbps
$24.99/mo
for 12 months. This advertised price includes a $5.00 credit for AutoPay enrollment.
|
|
#2
|
Mercury Broadband
Mercury Foundation
$25/mo
with AutoPay
+ $45 Upfront
|
|
#3
|
Frontier
Fiber 500 Internet
$29.99/mo
with AutoPay
|
|
#4
|
Brightspeed
200 Mbps
$29.99/mo
Limited availability/areas. Taxes and fees extra. Autopay required. Pricing Subject to change.
|
|
#5
|
Astound
300 Mbps Internet
$30/mo
Observed speeds may vary | One-time fees extra | Restrictions apply | Not available in all areas | New residential customers only
+ $14.99 Upfront
|
|
#6
|
Verizon Fios
myPlan + 300 Mbps
$34.99/mo
with AutoPay and any Verizon mobile phone plan
+ $99 Upfront
|
|
#7
|
AT&T
Internet 300 (Fiber 300Mbps)
$35/mo
Price after Autopay & Paperless bill discount. Plus taxes & fees. Limited availability. May not be available in your area.
|
|
#8
|
Ziply
Fiber 100/100
$35/mo
with AutoPay & paperless billing.
|
|
#9
|
Xfinity
300 Mbps
$40/mo
5 year price guarantee
|
|
#10
|
Spectrum
Internet Advantage
$40/mo
($30 plan + $10 modem)
for 1 year
+ $20 Upfront
|
Lauren Hannula
Managing Editor
Find a better internet plan
Enter your address to find the best internet providers available in your area.
.png?w=280&h=280&usm=20&usmrad=0.8&fit=crop "T-Mobile AWAY Plan: Mobile-friendly internet launches for travelers and nomads")
