How to use a two-factor security key

Two-factor authentication is a great way to add an additional layer of security to on-line accounts. It requires the use of your smartphone, nevertheless, which isn’t solely inconvenient, however will be a downside in case your telephone is misplaced or breached. {Hardware} security keys can supply an extra layer of security to password-protected on-line accounts and, in flip, your id. They’re additionally not laborious to set up. Right here’s how to set them up in your Google account, Fb, and Twitter.

Security keys can join to your system utilizing USB-A, USB-C, Lightning, or NFC, they usually’re sufficiently small to be carried on a keychain (excluding Yubico’s 5C Nano key, which is so small that it’s most secure when saved in your laptop’s USB port). They use a number of authentication requirements: FIDO2, U2F, sensible card, OTP, and OpenPGP 3.

While you insert a security key into your laptop or join one wirelessly, your browser points a problem to the key, which incorporates the area identify of the particular web site you are attempting to entry. The key then cryptographically indicators and permits the problem, logging you in to the service.

Many websites help U2F security keys, together with Twitter, Fb, Google, Instagram, GitHub, Dropbox, Digital Arts, Epic Video games, Microsoft account providers, Nintendo, Okta, and Reddit. One of the best factor to do is to verify the web site of your security key of selection and see which providers are supported — for instance, right here’s a hyperlink to the apps supported by YubiKeys.

A setup course of is important earlier than you’ll be able to use a security key. After that, securely accessing your on-line profile on a web site is a easy matter of getting into your password, inserting the key, and tapping the button.

Remember the fact that you’ll be able to’t copy, migrate, or save security-key knowledge between keys (even when the keys are the identical mannequin). That’s by design, so keys can’t be simply duplicated and used elsewhere. If you happen to lose your security key, you’ll be able to use two-factor authentication in your cellphone or an authenticator app. Then, if you’d like to use a new key, you’ll have to undergo the method of reauthorizing your accounts another time.

Which security key ought to I use?

A number of model selections can be found. Yubico, one of many builders of the FIDO U2F authentication customary, sells a number of completely different variations. Google sells its personal U2F key, referred to as the Titan, which is available in three variations: USB-C, USB-A / NFC, or Bluetooth / NFC / USB. Different U2F keys embrace Kensington’s USB-A fingerprint-supporting key, and the Thetis USB-A key.

For this how-to, we used the YubiKey 5C NFC security key, which inserts into a USB-C port but additionally works with telephones by way of NFC. The method is fairly related for all {hardware} security keys, although.

Pairing a key together with your Google account

So as to use a security key together with your Google account (or any account), you want to have already arrange two-factor authentication.

  • Log in to your Google account, and choose your profile icon within the upper-right nook. Then select “Handle your Google Account.”
  • Within the left-hand menu, click on on “Security.” Scroll down till you see “Signing in to Google.” Click on on the “2-step Verification” hyperlink. At this level, you could want to sign up to your account once more.

Go to “Security” > “Signing in to Google” > “2-step Verification.”

  • Scroll down till you see the “Add extra second steps to confirm it’s you” heading. Search for the “Security Key” possibility and click on on “Add Security Key.”
  • A pop-up field will record your choices, which embrace units which have built-in security keys and the choice to use an exterior security key. Choose “USB or Bluetooth / Exterior security key.”
  • You’ll see a field telling you to be certain the key is close by however not plugged in. You’ll additionally see an possibility to use solely the security key as a part of Google’s Superior Safety Program (which is for customers with “excessive visibility and delicate data”). Assuming you don’t fall into that class, click on “Subsequent.”
  • The subsequent field allows you to register your security key. Insert your key into your laptop port. Press the button on the key, then click on “Permit” when you see the Chrome pop-up asking to learn the make and mannequin of your key.
  • Give your key a identify.
  • Now you’re set! You’ll be able to come again to your Google account’s 2FA web page to rename or take away your key.

Pairing a key together with your Twitter account

  • Log in to your Twitter account and click on on “Extra” within the left-hand column. Choose “Settings and privateness” from the menu.
  • Beneath the “Settings” heading, choose “Security and account entry” > “Security” > “Two-factor authentication.”
  • You’ll see three selections: “Textual content message,” “Authentication app,” and “Security key.” Click on on “Security key.” You’ll in all probability be requested in your password at this level.
  • Choose “Begin.”

Once your security key is registered, you receive a just-in-case backup code (deleted here).

As soon as your security key is registered, you obtain a just-in-case backup code (deleted right here).

  • Insert your security key into your laptop’s port, then press the key’s button.
  • The window ought to refresh to say, “Security key discovered.” Sort in a identify in your key and click on “Subsequent.”
  • The window will now learn “You’re all set.” It would additionally offer you a single-use backup code to use for those who don’t have entry to any of your different log-in strategies. Copy that code and put it someplace protected.
  • If you happen to’ve modified your thoughts and need to take away the security key, return to the “Two-factor authentication” web page and choose “Handle security keys.”
  • Click on on the identify of the key, after which select “Delete key.” You’ll want to enter your password and confirm that you really want to delete the key.

Pairing a key together with your Fb account

  • Log in to your Fb account. Click on on the triangle icon on the upper-right nook and choose “Settings & Privateness” > “Settings.”
  • Now you’re at “Normal Account Settings.” Choose the “Security and Login” hyperlink from the left sidebar.
  • Scroll down till you see the part labeled “Two-Issue Authentication.” Click on “Edit” on the “Use two-factor authentication” possibility. Chances are you’ll be requested in your password.
  • If you happen to don’t have 2FA arrange, you’ll be given three selections: “Authentication App,” “Textual content Message (SMS),” and “Security Key.” It’s really useful that you just use an authenticator app as your major security, however for those who favor, you’ll be able to simply click on on “Security Key.”

You can use a security key as your main authentication method.

You’ll be able to use a security key as your most important authentication methodology.

  • If you happen to do have 2FA arrange, then you definitely’ll discover the “Security Key” possibility beneath “Add a Backup Technique.”
  • Both approach, you’ll get a pop-up field; click on on “Register Security Key.” You’ll be instructed to insert your security key and press its button.
  • And that’s it. If you happen to don’t use 2FA, you’ll now be requested for the security key for those who log in from an unrecognized gadget or browser. If you happen to do, you’ll be able to use your key for those who don’t have entry to your authentication app.
  • If you happen to now not need to use the key, return to “Two-Issue Authentication,” discover “Security Key” beneath “Your Security Technique,” and click on on “Handle my keys.”

Leave a Reply

Your email address will not be published. Required fields are marked *