What are security keys and what are the pros and cons to using them?

GettyImages-9848516741

Multi factor authentication is available on most websites and apps these days because cyber criminals are always looking to get into accounts. Which is why nearly everyone uses it in order to give their accounts extra security other than just using a password. There are authentication apps, codes that can be sent via email, or text, and there are security keys. 
 

Security keys are kind of like a thumb drive, they are small thin devices that connect to your device to unlock accounts. They can connect to your device by connecting to Bluetooth, plugging into a USB-C port, or a USB-A port on your device. These keys are super simple to use, when you’re looking to connect to an account you’ve registered you plug in the key and press a button located on the key. The browser will then connect to the key with the domain of the website so that your key can verify the account and cryptographically sign to allow you access to your account.  
 

Pros 

Because they are compact devices, they are always easy to keep on you. You can keep them in your purse, wallet, or attached to your key ring for easy access. 

They are easy to use, just plug in and hit a button 

You can still use MFA on your phone to get into accounts even without the key 

Phishing proof since they need to be registered to a website 

Physically secure 
 

Cons 

Because they are small enough to be on a key chain, they can be easily lost 

They require set up time to authorize your accounts 

Can require your device to have specific ports 

Are not supported for every website or app 

The cost of the device vs a free service 

 
While there are benefits and drawbacks to all the different types of MFA, it really comes down to the one that you think would be the best fit for you. If you don’t lose your keys easily and want an option that you can carry around with you a security key is a great option. The coolest feature about these is that they won't be fooled by scam websites pretending to be legitimate companies.  

Because these keys look at the domain of the website to see if you authenticated an account with them, they would notice if a scan site is just pretending. Your log in information will be safe even if you don’t notice that it isn’t a legitimate website. 

But if you are on the go and want an option that is connected to your phone, authentication apps and biometrics are a great way for you to feel secure with your important information. Securing your accounts is important so even if it seems like a hassle to type in a verification code or plug in a key it's worth it to keep you from losing your accounts. And with all the options available to you it’s easy to find the best one to suit your needs and help you keep your accounts safe from cyber criminals. 

Remote Assistance:


Close Button