Using the same password on multiple sites or picking simple, easily hacked passwords are two of the biggest security risk factors. As cyber thieves get better at spear phishing and social engineering, it’s a good time to think about changing your digital security strategy.
Password managers and security keys are both good replacements for passwords. Software-based solutions will work on most laptops, desktops, and mobile phones. These services generate and store secure passwords and manage login credentials and syncing your data across all your devices.
If you’re ready to level up your personal security even more, consider a security key. This hardware solution puts an end to phishing attacks and is much more secure than SMS-based two-factor authentication. These keys come in various formats, including USB-A and USB-C, Lightning for iPhone users, and Bluetooth.
Fast Identity Online (FIDO) standardizes the use of security keys for authentication, and Google, Microsoft, and PayPal among others are using this standard.
Here are a few of each kind of security service.
YubiKey 5 NFC
This key is FIDO-certified and works with Google Chrome and any FIDO-compliant applications on Windows, macOS, or Linux. It will secure login credentials for Gmail, Facebook, Dropbox, and other online accounts. You register your account, and then each service will ask you to insert the security key into a USB-A port to gain access. You also can use wireless nearfield communication (NFC) with the key. According to Yubico, the keys are tamper-resistant, water-resistant, and crush-resistant.
This key works via a USB-C port and will work with Chrome and any FIDO-compliant application on Windows, macOS, or Linux. The YubiKey USB authenticator has multi-protocol support, including FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV), OpenPGP, and Challenge-Response capability to provide strong hardware-based authentication.
Google's Titan Security Keys
This physical key comes in three options: SB-A/NFC, USB-C, and Bluetooth/NFC/USB. The Titan keys include firmware engineered by Google to verify the key’s integrity and are built on FIDO open standards. The Titan security keys work with Google phones, Chromebooks, tablets, and most devices running Chrome. The Bluetooth key has to be charged via a Micro USB port.
If you’re looking for your first-ever password manager, this is a good place to start. LastPass works with Windows, macOS, Linux, Android, iPhone, and iPad. It has browser extensions for Chrome, Firefox, Safari, Internet Explorer, and Edge. LastPass also includes a Form Fill profile tool which will save your name, address, language, title, and username for autofilling forms. You can create multiple autofill profiles, so you can pick and choose which one is relevant for a particular website. The $48 annual subscription offers six accounts, shared folders, and a dashboard for managing the family accounts.
This key stores up to 24 passwords and can serve as a security key for an unlimited number of sites. It uses a pin number for access, so if you lose the physical key, no one can use the key to access sensitive information. OnlyKey automatically locks after a set period of time when it is plugged. If the key is stolen, all data is erased after 10 attempts to enter the pin. The key works with most websites, including Twitter, Facebook, GitHub, and Google and with Windows, macOS, and Linux devices.
This service works with Windows, macOS, Linux, Chrome OS, Android, iPhone, and iPad. This service will let you access your accounts and services with one master password. A subscription is $36 per year and comes with 1GB of storage and optional two-factor authentication through Yubikey for extra security. You also can create guest accounts to share Wi-Fi passwords or home alarm codes. The service requires an annual subscription.
Feitian ePass NFC FIDO U2F
This U2F security key is also FIDO-certified. You can use the ePass for registration and authentication with your phone and other devices. There is no limit to the number of accounts you can register with the ePass. It works via a USB interface and NFC. The case is made with injection molding and calcium carbonate.
This password manager will sync logins between all devices and is available for Android, Linux, iOS, macOS, and Windows. Enpass can create new login entries, has a good random password generator, includes password audit tools, and can be unlocked via fingerprint. The import/export feature makes it easy to integrate Enpass with Dropbox and other cloud services. Enpass can be used for free, but the free version is limited to the number of entries. This service requires an annual susbcription.