FIDO U2F Security Key
|Price:||$17.99 & FREE Shipping on orders over $25. Details|
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and .
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
- Enter your model number to make sure this fits.
- Two-factor authentication made easy
- FIDO U2F; Works out-of-the-box with Facebook, Google, Dropbox, and Dashlane
- USB Type A compatible
- Extremely durable and rigid; crush and water resistant
- Attaches to house and car keychain
Frequently bought together
Customers who bought this item also bought
Two-factor authentication made easy!
Yubico's FIDO U2F Security Key is a USB device you use in combination with your username/password to prove your identity. With a simple touch, the FIDO U2F Security Key protects access to your Google, DropBox, and Dashlane accounts. Keep one on your keychain with your house keys, and a second backup key in a safe place at home in case you ever lose/misplace your house keys.
Easy-to-use FIDO U2F Security Key performs the FIDO Universal 2nd Factor security protocol.
Easier and safer than authenticator apps: No more reaching for your smartphone to re-type passcodes you receive via SMS or from an authenticator app. Just plug in your FIDO U2F Security Key and tap to securely log in quicker than with SMS or authenticator apps.
Works out of the box to with popular consumer applications: Protect your Facebook, GMail, DropBox, and Dashlane accounts.
Using your FIDO U2F Security Key: Go to yubico.com/start for instructions on how to register your FIDO U2F Security Key with applicable services. Steps to enroll your FIDO U2F Security Key may differ from service to service. Yubico has provided steps based on their own testing, and links to those services for full instructions.
USB Type A compatible: Plugs into USB Type A ports. Purchase adapters for devices that feature USB-C ports.
Extremely durable (IP67 class rating by IEC 60529): High quality, crush-resistant, and water-resistant.
Attaches to house and car keychains.
Manufactured in the USA with high security and quality.
Looking for more functionality? Check out multiply YubiKey 4, YubiKey 4 Nano, and YubiKey NEO
Top customer reviews
Looks like this supports multiple Google / Google Apps accounts! Just be sure you've selected the right account on the "Manage Security Keys" page.
Know my password (it's a pain for me to remember, imagine for them to guess?)
Have my U2F key (which is on my car keys DEEP in my pocket)
Or if not, figure out how to make a computer think a U2F key is plugged in (not easy or likely)
And even if they DO fool Google and the computer into thinking the key is inserted, you have to physically touch the key to activate it.
Layers upon layers of security, and since the key can be associated with more than one service at the same time, it's an all-in-one authentication device that I hope more companies start using.
Attached is a picture of the Key, with a quarter for size reference.
U2F is an open standard but the main sites implementing this are Google (all their employees receive two of these when they join and all their services can use these), Dropbox, and Github. Hopefully more will follow. Your web browser needs to have U2F support to facilitate the transaction - Google Chrome has support, other browsers do not as I write this.
Using security keys is insanely simple. To register the key with the site you enable it in the account security settings then insert the key and press the blue light when prompted. After the key is registered, you can log into the site by entering your user name, password, and inserting the key and pressing the blue light when prompted. Google in particular will remember that you authenticated with the key and will not prompt you for it again for several months or until your clear cookies.
One key can be used with multiple accounts at multiple sites. Multiple keys can be used at the same site. There are no serial numbers so your access at various sites can not be tracked by the key.
If you lose or damage the key, or log into a site without Google Chrome, you can still log in with other 2nd factors such as Google Authenticator or printed codes.
The key arrives with absolutely minimal packaging and no instructions - there is plenty of help on Google's site though. I was disappointed that I scratched min while putting it on my keyring, but it is solidly constructed and survives life in my pants pocket with my house keys well. If it ever gets dirty you can clean the contacts by gently rubbing an unused pencil eraser against them.
Now, if you weren't using SMS two factor, or didn't have a backup phone attached, there are plenty of other attack vectors if you were using say Google Authenticator to get your code. (iCloud backups store application data for example)
The point I am trying to make is, with this hardware two factor authentication device, there is no way for a remote attacker to gain access to your two factor authentication code, resulting it the utmost security of your account. Just make sure to also remove your backup phone number (for google).