Blog posts of '2021' 'December'

What Is A Hardware Security Key?

What Is A Hardware Security Key?  


With almost everything done online, including private and important accounts, having protection beyond just traditional passwords is becoming essential.


One of the most secure ways to deploy two-factor authentication (also known as 2FA) is through hardware security keys. 2FA strengthens your digital account by adding an extra layer of security, requiring two different and separate identification for an access grant. 


What Is a Hardware Security Key?

A hardware security key  , also known as a U2F key or physical security key, is a small device that resembles a USB thumb drive and can be plugged into various devices. A security key is a secondary device that works dependently with a primary device. It protects an online account against cyber-attacks and automated bots, and thus, it is phishing-resistant as well. 


While there are USB security keys or USB-C security keys, some security keys are designed for wireless Bluetooth or have NFC capabilities to connect with mobile devices. Others can fit Lightning ports for iPhone and iPad users.


Aside from providing superior digital protections, security keys are easy to use and a relatively inexpensive alternative to fight phishing attacks and account takeovers.


How Does It Work? 

A single hardware security key can be used for several accounts (for as many as you like). It often works by:

  • physically inserting the key into your device (or connect it wirelessly)

  • your web browser or app will then present the security key with a challenge

  • the key will cryptographically sign the challenge, which verifies your identity


Technically, a physical security key works by generating a public and private key pair. The private key remains in the hardware security key, while the public key is sent to a server. The physical security key is the source of random numbers called nonce to generate your keys. It also sends another number called checksum to identify your specific hardware security key. 


As you login your credentials into an online account, the server will send nonce and checksum back to the physical security key along with a distinct number. From the nonce and checksum, the hardware security key will regenerate its private key, and it will then sign the number sent to it by the server, which finally verifies and unlocks a digital account with the public key.


Which Hardware Security Key Works Best? 

When it comes to hardware security keys, you have several choices to choose from. But no two security keys are created the same. 


Here are some of the best security keys available to date:

  • YubiKey Bio – – This biometric security key features a biometric authentication stored inside the key. This Yubico security key offers strong protection from physical attacks using your biometric fingerprint in a separate secure element.  

  • YubiKey 5C NFC – Since USB-C is becoming the standard on desktops, laptops, and mobile phones, this key brings USB-C and NFC together into a single YubiKey. 

  • Yubico YubiKey 5 NFC – Offering superior defense against account takeovers, this security key NFC lets you connect through a USB-A and wireless NFC. 

  • YubiKey 5Ci – This public key cryptography has the convenience of the Lightning port and USB-C in a single multiprotocol device. YubiKey 5Ci offers support for several modern devices such as Android, Windows, and Apple devices including Macs, iPhones, and iPads. 

  • YubiKey 5 Nano – The tiniest security key, YubiKey 5 Nano, is suited into a USB-A port that works with many online services or apps.

  • Thetis Fido U2F Security Key – Using a personal encryption method, this U2F Security Key by Yubico individualizes your online security by delivering a further layer of encryption via the USB port. 


Security keys are becoming essential in this digital era. These electronic security keys are a convenient and relatively affordable way to protect any important account or sensitive information online.


Want a strong and reliable hardware security key? Secure your online space with Yubico security keys. Yubico is your all-in-one configurable security that works with a simple touch yet fits a wide range of devices, networks, and online services. 


Do you have any queries? Call us at +63 2 8858 5555 today!