Online security is vitally important to all of us. The risks include everything from rogue codes added to your personal website to full blown identity theft. It’s easy to fall prey to cyberattacks, but it’s just as easy to protect yourself from them.
USB security keys have landed in the news with Google’s announcement of its own new Titan security keys yesterday, and they’re worth a closer look.
Unfortunately, setting a quick password on your online accounts just isn’t enough protection anymore. First we started getting sites prompting us to strengthen our passwords by adding in special characters and caps, but now even that’s the most rudimentary of personal cybersecurity.
That’s the premise of two-factor authentication — when sites tie a phone number to your account to text you a security code to verify a suspicious sign in.
USB security keys operate along this higher standard of cybersecurity. But how? What are they and why is Google suddenly pushing for them?
Here’s a quick look at what security keys are and what your best options are right now.
What is a USB security key?
USB security keys offer protection from phishing and account break-ins.
By plugging the key into your computer’s USB port, it lets your device know that you’re actually the one signing into a given account. The principle is simple enough. You need to memorize a password as well as have a physical object, separate from your computer, that confirms your identity.
This is how two-factor authentication protects you. Any hacker would need to not only discover your password, but also to be in possession of your phone (another popular authentication tool) or security key.
The security keys use Universal 2nd Factor (U2F) authentication, which means you simply insert the key and press a button to confirm. This can be a lifesaver for keeping your Gmail, Facebook, Dropbox, and more secure.
Last year, Google started handing out security keys to all of its more than 85,000 employees. A company spokesperson told KrebsOnSecurity that they “have had no reported or confirmed account takeovers since implementing security keys at Google.”
Yesterday, Google announced its own security keys, marking a shift but also a nod to the company’s faith in the devices for users at large.
So, if you’re looking for a USB security key of your own, what should you be searching for, and what are your options?
Let’s dive in!
The best USB security keys available
Google Titan security keys
The Google Titan keys only became available recently. We’ll be sure to test them out in full, but they already show a lot of potential and we can confidently say they are among the best USB security keys you can buy.
The keys support the FIDO protocol and work with many devices. Google’s foray into developing its own security keys is likely to push competition and raise the profile of the devices.
Yubico pioneered U2F technology and has been a leader in the industry ever since. In fact, Google used Yubico keys with its employees before announcing its own Titan keys.
The YubiKey 4 is probably your best option at the moment. It’s the gold standard of USB security keys and will give you the peace of mind you crave, all for $40.
If you want something smaller and more compact, try the YubiKey 4 Nano. It’s smaller than a dime and crush- and waterproof, just for an additional $10.
- Easy to set up.
- Requires an adapter when used with smartphones.
- Pricier than the competition.
The Thetis Fido security key is another great option, with a sleek construction and near universal compatibility.
Its pivoting body allows you to keep the actual USB stick safe inside the aluminum body of the key. And at $17, it certainly leads in the money saving department.
- One-year warranty.
- Slower than its competition.
The Kensington VeriMark is a stealthy little security key that takes up very little room and is barely noticeable when plugged into your computer. Like the YubiKey 4 Nano, it goes for $50, but you can get it on sale at Amazon for $38 today.
While conveniently small, the most impressive feature on the VeriMark, is its fingerprint sensor.
While USB security keys increase cybersecurity by a lot, they don’t protect you from IRL physical theft. If someone happened to know your password(s) and stole the USB security key — I know, unlikely — you’d have one last line of defence. As of yet, I don’t know of anyone finding a way to fake fingerprints.
Is that a degree of paranoia beyond simply keeping your personal or professional data safe? Maybe. But better safe than sorry.
- Added security.
- Small and easy to transport.
- Tough and comes with a protective cap.
That’s our round-up of the best USB security keys. Hopefully we’ve filled you in on what they can do and why you might want one. Let us know if you still have any questions.
And we’ll keep you updated on the Google Titan security keys as new information is released and as soon as we try one out.
Have you tried any of these USB security keys? Did they meet your needs? Let us know in the comments!