If you’re looking for an extra level of security for your personal accounts and data, YubiKey is a great way of securing your weak points. This small, yet powerful hardware device is like a physical key that, instead of unlocking a door, unlocks your online life.
It can be used as 2-factor authentication for the likes of Google Mail, Facebook, Last Pass, and your Blockchain.com wallet. YubiKey provides an additional element after login with a username and password to verify that it’s you who’s trying to access your online accounts.
2 Factor Authentication
18 million login credentials are compromised every day and one of the most important steps to securing your online presence is by enabling a form of 2-factor authentication. Using 2-factor authentication (or 2FA) is when you are asked to enter in your username and password and then another piece of proof that you are who you say you are.
One of the most common is a text that you receive on your mobile phone with a string of numbers, characters, or a combination of both. However, this can come with an element of risk as a hacker could also potentially compromise this system too. So another way is either using a secure app on your phone like Google Authenticator or Authy or by using a hardware device like a YubiKey 5 NFC.
What is a YubiKey 5 NFC?
A YubiKey 5 NFC is a small hardware device made by the company Yubico. These battery-free devices plug into your computer and along with your password provide you with 2 layers of 2 step verification. This type of verification cannot be intercepted by a hacker as they would physically need your device to get access to your accounts, along with your username or email and password.
The devices are also very durable, waterproof and crush resistant and come with a keyhole ring and chain so that you don’t lose it. Using both a USB-A connector to connect to your computer and wireless NFC for your phone. NFC which stands for “Near Field Communication” allows phones, tablets, laptops, and other devices to easily share data with other NFC-equipped devices.
Once you register your YubiKey with services, just tap your YubiKey for easy, strong two-factor authentication, for computers, networks, and online accounts. With no need for text messages or one-time passcodes.
The YubiKey can be purchased individually, as a pack of 2, 10 or 50 which is ideal for teams.
Where Can I Buy a YubiKey?
What Happens If I Lose My YubiKey?
Its recommended that you purchase more than 1 YubiKey to use as a backup in case you were to lose your YubiKey. This spare, should be kept somewhere secure and safe. Also, ensure that you have another way to enter your online accounts incase you do. For example, with Google Mail ensure that you take note of your Back-up Codes or Recovery Seeds or Phrases with the likes of Blockchain.com.
What Applications Support Yubikey?
YubiKey 5 NFC adhere to an industry-standard named Universal 2nd Factor, or U2F. This standard combines hardware-based authentication with public-key cryptography making it very hard to compromise.
The YubiKey works with well-known services that support U2F and FIDO2, like Facebook, Google, Blockchain and Dropbox. There are also computer login options for Macs and Windows PCs. Plus, you can even set up your YubiKey with password management like Dashlane or LastPass, and developer platforms like Github and Bitbucket.
YubiKey for iPhone
For NFC-enabled phones, just tap a YubiKey NFC against the phone to complete authentication.
How to Get Started with YubiKey 5 NFC
When your YubiKey arrives, you’ll want to set it up with each of your associated online accounts. Below are a few ways to set up YubiKey with the likes of Gmail, Blockchain and LastPass. However, there are also quick guides for all supported services available on their website.
How to Setup YubiKey with Gmail
If someone gets hold of this gmail username and password combination they then have the gateway to all of your personal information such as confidential emails and calendar invites. With google you can set up text alerts with 1-time codes but hackers (or bad guys) can also intercept these and gain access.
A great way to secure your account is by holding the key to your account literally on you so that you have to be present to access that account.
Step 1: Security Settings
To connect your YubiKey, log into your Google Account and in the top right-hand corner of the screen, click onto “Manage Your Google Account“, choose “Security” from the left and then “2 Step Verification“.
Step 2: Select Your Key, Insert and Tap
Click onto “Get Started” and select “choose another option”. Then from here, you can select Security Key. It’ll then ask you to make sure you have your key beside you.
Click “Next” and then insert your YubiKey and press the Yellow button on your YubiKey.
You’ll then be prompted to enter a name for Yubikey. Once entered click onto “Done“
Step 3: Back Up Codes
From the next screen, you’ll be shown other ways you can secure your account. You’ll want to use your YubiKey in conjunction with google back up codes, just in case you lose your device and you don’t have a spare key.
Which you can print off from here, then keep the codes somewhere safe and use to restore your account if needed.
How to Log into Gmail Using YubiKey
Once you have enabled your 2 step verification with YubiKey you’ll then be prompted to use your security key when you log into your Google Account.
First, you’ll be prompted to enter your username/email and password and then you’ll need to insert your YubiKey into a USB-Port and touch the yellow button to verify you are human and not a remote hacker. Then you will be able to access your account.
How to Setup YubiKey with Blockchain.com
If you’re holding your bitcoin or other cryptocurrencies in a Blockchain wallet you’ll want to ensure that it’s kept secure and you can use a Yubikey with Blockchain to secure your assets.
Step 1: Security Center
To connect your YubiKey, log into your Blockchain.com Wallet and go to “Security Center” in the top right-hand side of the screen. Go down to “Two-Step Verification” and select “Enable“.
Step 2: Pair your Key, Insert & Tap
Select to Pair your YubiKey, then insert the YubiKey into the USB Port and click into the field. Once your cursor is flashing in the box, tap onto the yellow button your YubiKey and a string of dots will appear on the screen. You’ll then receive a message on screen once the Yubikey has been verified.
How to Log into Blockchain Using YubiKey
Once you have enabled your 2 step verification with YubiKey you’ll then be prompted to use your security key when you log into your Blockchain.com wallet.
You’ll be prompted to enter your wallet ID, password and also your YubiKey. Insert your YubiKey into a USB-Port and touch the yellow button to verify you are human and not a remote hacker. Then you will be able to access your account.
How to Setup YubiKey with LastPass
Lastpass is a great password manager, making passwords more secure and storing them in a vault so you don’t have to remember them. By connecting YubiKey you can make Lastpass even more secure. Making access and authentication seamless. This is only available for Premium users and you can enter in up to 5 keys incase you have other family members using LastPass with their own keys.
Step 1: Account Settings
To connect your YubiKey, log into your LastPass account and go to “Account Settings” in the bottom left-hand side of the screen. Go across to “Multi-Factor Options” and scroll down to “Yubico” and click onto the pencil icon.
Step 2: Enable, Associate your Key, Insert & Tap
Under “Enabled“, select “Yes” and then you will need to click onto allocated YubiKey number. Then insert the YubiKey into the USB Port and click into the field. Once your cursor is flashing in the box, tap onto the yellow button on your YubiKey and a string of dots will appear on the screen.
Click on “Update“.
How to Log into LastPass Using YubiKey
Once you have enabled your 2 step verification with YubiKey you’ll then be prompted to use your security key when you log into your LastPass account.
You’ll be prompted to enter your username/email address and master password. Then you’ll be prompted to enter your multi factor authentication i.e. your YubiKey. Insert your YubiKey into a USB-Port and touch the yellow button to verify you are human and not a remote hacker. Then you will be able to access your account.