You know those hacking scenes in Hollywood movies that require a physical key before the lead actor can access a secure system? These scenes are typically depicting how two-factor authentication works. In reality, we don’t need a physical key, no? Well, sort of.
Two-factor authentication or 2FA is a secondary check to verify your identity before you can access your account. This is to prevent hackers who managed to break your password to gain access to your data. Common 2FA methods that we use nowadays are a fingerprint sensor, facial recognition, iris scan and to get the service provider to text/call/email you a one-time pin. But not many use a physical key.
Hence, when Yubico sent over their latest product, the YubiKey 5C and 5C Nano, for review, I wondered to myself, “why does anyone need a physical security key?” But after using it for a bit, I realised that this could possibly be a much better way of setting your second level authentication.
You see, anything online that requires sending data from one source to another is vulnerable to hacks. Of course with strong data encryption, it will take hackers a longer time to decrypt the data packets. But interception of data over the air is still a possibility. Having a physical key reduces that risk significantly because unless the hacker shows up to steal your key, it’s difficult to clone your authentication.
Setting up the YubiKey 5C is straightforward and any non-techie person can do it. For this review, I used the YubiKey 5C on one of the most popular email accounts of all time, Gmail.
- To set it up, head over to your “Google Account” and select “Security”.
- Under “Signing in to Google”, click on “2-Step Authentication”. Google will then prompt you to enter your password for your account before bringing you to the “2-Step Verification” page.
- Scroll down and look for “Security Key”, under “Set up an alternative second step”.
- Click “Add Security Key”. You will then be prompted to insert your YubiKey 5C and give it a light tap on its gold contact tip to let it know that you are a real person and not a bot.
- Once that’s done, you are set. You may want to choose the option of trusting your computer so that you don’t always have to use the YubiKey 5C access your Gmail account.
Of course, the YubiKey 5C is not limited to being the 2FA for Gmail only. There is a long list of applications that supports the key such as 1Password, Blogger, Dropbox, Drupal, Facebook, Instagram and etc.
Another cool thing that YubiKey 5C can do is that it allows you to log in to your Microsoft account without having to key in your username and password. After you set up the security key for your account, you only need to key in a four-digit code to log in. Here’s how you can do it.
I really like the YubiKey 5C. There’s just something about having a physical key that makes me feel that my account is more secured. I don’t see any downside of the YubiKey 5C, except that you will need to bring it around with you just in case you are logged out of your account and need to access it. In this case, I’ll highly recommend you to get the YubiKey 5C over the 5C nano because you can clip it together with your keys.
The YubiKey 5C is priced at US$50.00 while the YubiKey 5C Nano retails at US$60.00. Visit Yubico’s website to get one today!
So what do you think of the YubiKey 5C? Share your thoughts with us.