Yubico YubiKey 5 NFC and YubiKey 5Ci REVIEW | MacSources
An easy way to ensure your data is safe.
The world seems to have gone topsy-turvy in the past 30 days. With the advancing coronavirus pandemic, it seems as though everyone is being forced to adapt to working from home even when their jobs aren’t quite structured that way. But, right now that’s the world we live in and because we are all digital now, digital security is more important than ever. One of the best ways to make sure your online accounts are secure is using two-factor authentication (TFA), but that can get to be really cumbersome when you have to constantly enter codes being sent to your email or mobile phone. That’s where the YubiKey comes into play.
YubiKey is a device made by Yubico that provides an easy option for two-factor authentication. It’s quite literally a physical key that gives you a digital security key for your accounts. Yubico’s website states that with Yubikey you can, “Stop account takeovers, go passwordless and modernize your multifactor authentication.” The key is an all-in-one configurable device. The YubiKey is designed to protect access to computers, networks, and online services. YubiKey works with hundreds of services and is compatible with Windows and Mac login, Gmail, Dropbox, Facebook, Salesforce, and Duo — to name a few.
The YubiKey 5 Series are multi-protocol security keys. They support FIDO2, FIDO U2F, one-time password (OTP), OpenPGP and smart card. They are available in several different forms — USB-A, USB-C, NFC, and Lightning. It’s supported by the Yubi Platform.
I had the opportunity to test out two YubiKeys — the YubiKey 5Ci and the YubiKey 5 NFC. I can’t comment on the retail packaging for the devices because they were sent to me in a press kit package. That said, the keys themselves are quite sturdy. I would have no problem carrying them around in my pocket as I believe they could handle basic daily use. With both types of keys, you have the option of storing them on your keychain.
The process of setting up a YubiKey caught me off guard. After I had the first account set-up with it, I thought, “Is that really all there is to it?” I had to go back through the process a couple of times to make sure I didn’t miss anything and sure enough, it really was that simple. Within a matter of minutes, I had Amazon, 1Password, Facebook, and Twitter set up with TFA using the YubiKey. Each set-up was just a little different (as you will see in the screenshots). With 1Password, I logged into my account on my laptop and went to Two-Factor Authentication within settings. I selected the Authenticator App as the method and a QR code was provided on the screen. On my phone, I opened the Authenticator App, inserted the 5Ci and touched the plus (+) symbol to add a new account. An option comes up on the app to scan a QR Code or enter code manually. I held my phone up and scanned the code. The information was added to the app immediately and the account was saved to the key.
One thing I found interesting was that each key stored its own information. Once I had my 1Password account saved to the 5Ci, I connected the Yubikey 5 NFC to my Authenticator App and there were no accounts saved. So, I ended up going through all the login/authenticating processes twice — once for each key. While this is great for security and somewhat common sense that this would be the case — I thought it was worth noting that the information was stored on the key and not in the app.
Two-factor authentication can seem like a daunting process because it involves multiple steps to make sure your data is secure. The YubiKeys take the frustration out of the process because they provide an alternative, secure way to access your important accounts. The only criticism I have is that thorough instructions were not provided for how the system should work together. Even though each log on process is a little different, there is still a basic operation that you have to go through with the app and the key that could be outlined a bit better. Nevertheless, with a YubiKey, you can rest assured that even if your account becomes compromised that you have the key to keeping your information locked down in the palm of your hand.
Originally published at https://macsources.com on March 31, 2020.