What's a YubiKey 5 NFC or a YubiKey 5C NFC? But to answer this question, I must first explain what 2 Factor Authentication is.
Intro to 2 Factor Authentication
Using two-factor authentication is an extra layer of security, making it harder for hackers or someone to gain access to your accounts. The first step is entering your username and password as usual. Then instead of gaining access immediately, you will be required to provide another piece of information. This second (2FA) factor could come from one of the following three categories:
“Something you know”: This could be a personal identification number (PIN), a password, answers to secret questions or a specific keystroke pattern.
“Something you have”: Typically, a person would have something in their possession, a smartphone to receive a six-digit code, or a small USB stick/token to insert into a machine that gets verified etc.
“Something you are”: This category is a little more advanced and might include a biometric pattern of a fingerprint, an iris scan, or a voiceprint.
YubiKey is something you have a USB NFC token.
Why am I using a YubiKey?
The answer is simple, instead of receiving a text message with a six-digit code or an authentication app, I have to use a physical token with my password. By doing so, I've made it virtually impossible for my account to fall into the wrong hands.
Unless you are going to hunt me down, find my token and pry it from my hands, the chances you'll get in are non-existent; To this day, there have been 0 account takeovers where YubiKey is in use.
How can you configure a YubiKey?
The list of apps or websites is pretty extensive. Let me provide you with my top suggestions. You will need to set up the YubiKey with every service before use.
Yubikey & Twitter
Here's a detailed process of how you can add a YubiKey to your Twitter account:
On your smartphone app or computer, visit Twitter; Navigate to Security and Privacy, click on security and account access, click on security, click on two-factor authentication and manage your security keys.
1: Click on “Security key”.
2: When prompted, enter your password.
3: If you haven’t already, we’ll ask you to confirm an email for your Twitter account: Enter your email address, then click Next. We’ll then send you a confirmation code via email. Back in your Twitter account, enter the code in the prompt, then click Verify.
4: Read the overview, then click Start.
5: You can either insert the key(s) into the USB port of your computer or sync it over your computer Bluetooth or NFC. Once inserted, touch the button on your key.
6: Follow the on-screen instructions to finish the setup.
7: When done, your security key(s) will appear in the Manage security keys section under Two-factor authentication. From there, you can rename or delete your security key and add additional security keys to your account at any time.
Need a visual aid to assist? Check out the screen captures I took while securing the @Cryovex Twitter account:
How to add YubiKey to your mobile APP?
How do you use the YubiKey now?
Say you want to login into Twitter from a smartphone or computer you have never used. Go to the app or website enter your login and password. Twitter will prompt you for that YubiKey. It will direct you to insert and tap the golden circle. Congratulation, you are now logged into Twitter using a physical security token.
Your password is useless to someone who cannot access the token that completes your login. I highly recommend that you opt for more than one security token in case you lose or damage one.
What you have just completed is similar across all major apps and websites, whether Google, Facebook, Snapchat etc.
Why should people do this?
By not doing this, you are inviting people to access your accounts, private emails, life, finance etc. You may as well let them into your life and hand over your house keys, car keys, bank cards, credit cards and tell them to have a blast! Securing your digital information is YOUR RESPONSIBILITY.
There's no place for it's too complicated, I don't understand, or I didn't know. It's time to take accountability for your inactions. The YubiKey 5 NFC or the YubiKey 5C NFC are meant to be as easy to use or set up.
Final thoughts on YubiKey 5 NFC / YubiKey 5C NFC
Securing our digital information is a must in 2022. Using Yubico YubiKey 5 NFC or YubiKey 5C NFC is a great step in that direction. It stops unwanted access to our favourite apps or websites while only letting the ones that should have access.
If you had to let your friends and family know that your account got hacked or tricked into providing information about yourself to a scammer, rest assured that those days are over. Gone are the dreaded notification about login into Facebook from Nigeria while sitting at a restaurant in New York City.