MFA and Physical Devices

When you set up Multi-Factor Authentication (MFA) on your accounts, you will often notice several options to choose from. The most commonly used options are:

  • Text Message
  • TOTP (Time-Based One-Time Password) app
  • Biometric, such as a fingerprint
  • Secure Card, such as a work badge

While having MFA set on an account is better than not, some of these authentication methods are not as secure as you may believe. For example, someone could spoof your telephone number and take your text-message authentication codes. Others, such as a TOTP app like 1Password, could be compromised as well.

One option that is less widely used, but still prevalent in the industry, is a physical key, such as a YubiKey. These devices are dedicated hardware, typically shaped like a small flash drive, that lets you authenticate to your account by plugging in the device or tapping it on an NFC reader. While this form of MFA is not as widely seen as text-message-based MFA, it is slowly growing in popularity, and many platforms are beginning to adopt support for it.

One of the largest companies that makes these physical keys is Yubico. Yubico's YubiKeys support WebAuthn, FIDO2, OpenPGP, and OTP as authentication standards. The keys are easy to set up and also come with an application where you can store your TOTP MFA codes, similar to Microsoft Authenticator or 1Password’s built-in TOTP feature.

With so many integrations, and large companies adopting this form of MFA, there has never been a better time to pick up one of these keys!