America's #1 USB Company!
Call us 877.992.3766

USB Security and Two Factor Authentication

Secure USB Flash Drive

Security is a hot topic in today’s world which relies almost exclusively on tech to conduct its business and personal tasks. Naturally, this opens the possibility of your information getting stolen and used for nefarious purposes, like identity theft or leaving your bank account bare. That’s why it’s important to think about security measures for your tech like USB drives and login protocols.

So, what are your options?

To protect your data storage device, you could use password protected encryption. What’s nice about encrypted USB drives is that you can easily do this yourself instead of purchasing one. Learn how to encrypt a USB drive here. There are also some exciting new advances in biometrics (identification using biological measurements, such as facial recognition) for data storage, like fingerprint locking technology for your USB drive.

However, these are solutions for secure data storage. What about the hazards of passwords and logins? Chances are you have over two dozen individual logins and passwords to keep track of (and change when prompted, too). It’s very likely someone can snatch your login info and break into your account that contains sensitive information like social media or email accounts. So, what do you do for secured data access?

You get a USB security key.

What is a Security Key?

A security key is a hardware device that uses USB to connect to a computer or other device, allowing access using key codes to run a program or application. They function as a “key” to login to secure spaces like emails, social media, and software programs. They are small, small enough to attach to your key ring without issue. Security keys can’t be copied (even by you) and are an attractive security option for both companies and individuals alike. We talk about them a little bit more here.

Security keys are examples of two factor authentication (sometimes referred to as 2FA), which is the requirement of two pieces of information in order to access whatever you’re trying to get into, be it an app or an email account. It uses two of the following three things:

Two Factor Authentication Graphic

You know your password; something you have is a security key that adds another layer of authentication. You simply login as usual with two factor authentication enabled and then insert your key to verify that it really is you. This is helpful in case your passwords are hijacked. They make it difficult for hackers to access your physical devices. You may already utilize two factor authentication with some websites which require the use of your phone’s text messaging to verify your identity to complete the login. It is increasingly being used and encouraged by websites for security purposes.

Types of Two Factor Authentication Products

There several devices that use 2FA are broken down into two types: devices or infrastructure/software. These both work off each other as the software or infrastructure recognizes and verifies users who are requesting access by using their 2FA devices.

Physical devices can take many shapes, from RFID cards, smartphone apps, tokens, or products like security keys.

Security keys are an important step up in security because previous methods are beginning to fail. Password hacking is almost embarrassingly easy, and governments, citizens, and corporations alike are looking for a more secure method for keeping their private, sensitive information away from prying eyes. It is not surprising that many governments (certainly, the US military) have banned the use of USB drives in government offices due to security issues.

2FA tech is constantly improving, and if you want the best digital protection then you should strongly consider a USB security key.

Security Key USB Flash Drive

The Perfect Example: YubiKey 5Ci

It’s been nearly two months since Yubico announced its YubiKey 5Ci and finally it’s launch is here. YubiKey 5Ci is a security key that offers dual support for USB-C, Mac, and iPhone devices. It is the latest rendition of its trademark security key that can support a much wider range of devices such as iPhones, iPads, and MacBooks using only one key. YubiKey notes that their product is aimed at cross-platform applications, especially those who utilize Apple devices.

The YubiKey 5Ci is better than ordinary two factor authentication because it does not require a simple code via text sent to your phone. It is a much stronger security option because it cannot be copied, even by you. What’s even better about this new iteration is that it’s compatible across a wide variety of platforms and operating systems, including Apple. With its Lightning and USB C capability, you can easily connect to your laptop or your iPhone using the same device. Do note that the latest iPad Pros do not seem to work with this security key. You must also make sure that the application or software you’re attempting to use with the YubiKey supports the FIDO authentication protocol. However, many notable brands like Facebook, Google, LastPass, and Dropbox already support it so it’s not like you’ll drop in on a market void of options.  It’s a very attractive option for users who want to need to use cross-platform applications and multiple operating systems.

Other Security Key Options

If you don’t feel like spending the $70 for Yubico’s latest model, you have other options on the market. The YubiKey 5C is only $50 and utilizes USB C while it’s slightly cheaper relative, the YubiKey 5 NFC ($45) uses USB A. Google released its own security key last year called the Titan which retails for $50; it only works with Android but offers a USB C adapter and NFC or one with Bluetooth and NFC (again, only for Android). Android 7 or above users can also utilize their phone as a physical security key.

There are also several cheaper, lesser known brands available on Amazon for significantly cheaper, but they seem to have more limited capabilities that may not work with programs you want. Honestly, with such sensitive information such as login, passwords and email addresses, it probably pays not to cheap out.