Q: What are the pros and cons of using hardware security keys?
A: One of the best ways to secure your online accounts is using some form of two-factor authentication to prevent anyone that acquires your password from getting in.
The two factors are something you know — your password and something you have: your smartphone.
Whenever one of your accounts sees your legitimate password being used from a device, browser or location they don’t recognize, they’ll send a special code or message to your smartphone to make sure it’s you.
With all the clever ways for hackers to steal passwords, not having this feature activated on all your accounts is very risky.
As with all security measures, it’s a balance between protection and usability that each of us must choose between.
Hardware security key pros
As good as smartphone-based two-factor authentication is, it’s not infallible so those seeking a higher level of security often consider using hardware security keys instead.
A couple of advantages of using security keys are they use very strong encryption and require no cellular or Internet connection to work.
They’re using small very durable devices that can live on our keychain and are easy to use, once you’ve set them up on your computing device. They generally use either a USB port or NFC (Near Field Communication) to authenticate.
Many services and devices support their use, so for most situations, they’re compatible.
It can also reduce your chances of being locked out of your accounts if your smartphone is ever lost, stolen, or damaged to the point of being unusable.
Since so many people are using smartphone-based authentication, the bad guys are creating more sophisticated ways to intercept or acquire access codes. Hardware security keys are a really good way to fend off many of those attempts.
Hardware security key cons
Unlike text or app-based security options, there is an initial cost to hardware security keys that range from $25 to $50 for devices such as the YubiKey or Google’s Titan Security key.
It can also be a hindrance if you need to use an alternative Internet device that doesn’t have USB ports or support NFC.
Some non-technical users may find getting them set up comes with a bit of a learning curve or requires some technical assistance.
If you have multiple users of a single account, sharing a key can be a bit impractical.
Just like with your smartphone, if you lose your security key, it can make accessing your accounts difficult unless you’ve set alternative access options as a backup.
Having a backup method for authentication is the single most important thing to do should you decide to start using a hardware security key.
Biometric security
Another option to consider that’s available for most of today’s smartphones, tablets, and laptops is some form of biometric authentication, such as a fingerprint or facial recognition.
They’re particularly common in smartphone financial apps, but you’ll need to go into the settings of each app to activate the option.
Even with biometric access activated, some financial apps will randomly ask you to type your password on occasion to make sure you’re the rightful owner, so be prepared.