YubiKey5C NFC Hands-on: How this Little Gadget Keeps Your Online Account Super Secure

YubiKey5C NFC Hands-on: How this Little Gadget Keeps Your Online Account Super Secure

Security key manufacturer Yubico today (September 9) announced its newest model, the YubiKey 5C NFC, which combines a USB-C male plug with wireless near field communication (NFC) for truly secure two-factor authentication (2FA) 2FA)

The new YubiKey costs $55 and is available with either a USB-C port (most modern laptops, Android phones, iPad Pro, etc) or NFC support (most Android phones, iPhone running iOS 133 or later, iPadOS 133 or later iPad running iOS 133 or later) can be used to log into Windows, Mac, Linux, Android or iOS devices with either

"The YubiKey 5C NFC is one of the most popular security keys available It is one of the most popular security keys available," said Guido Appenzeller, Yubico's Chief Product Officer, in a press statement

Of the various 2FA second factors, such as text codes, code-generating authentication apps, and push notifications, hardware security keys are arguably the most secure

Physical security keys cannot be phished or spoofed like text or generated codes Google claims that there have been no successful phishing attacks against its employees since it started letting 2FAs use security keys

The only drawbacks are that the security key must be purchased (prices start at about $10, but can go up to $70), and when setting up a new account, setting up an app, or logging into an account from a new device, it must be physically nearby It's something you have to keep in place

It's best to register multiple security keys for each account, carrying one with your regular house and car keys and keeping the other in a safe place

We received the YubiKey 5C NFC in advance and tried it out; it took only a few seconds to set up a Google account with the YubiKey 5C NFC; once the key was plugged into the USB-C port on our Windows 10 PC, we used the Brave browser to log into our Gmail I was able to log in without any problems

Setting up the YubiKey 5C NFC with LastPass and logging into the LastPass Chrome extension on Windows 10 using the USB-C port was equally easy, logging into GitHub with Chrome was similar

However, using the YubiKey 5C NFC on the OnePlus 5 Android phone was a challenge: to log in to Google or GitHub websites with the Brave browser, I had to either plug it into the phone's USB-C port or tap the back of the phone to NFC reader to recognize it, it was not usable Nor could it be made to log into the LastPass Android app

It was probably not Yubico's fault; none of the NFC-enabled keys, including the YubiKey Neo and Google Titan Key, would let me log into Gmail or GitHub from the Brave browser; inserting the YubiKey 5Ci into the USB-C port did not work

The GitHub Android app finally succeeded; plugging the YubiKey 5C NFC into the phone's USB-C port was not recognized However, when I tapped the YubiKey 5C on the back of the phone and pressed the button, the phone recognized the NFC connection and I was able to log into GitHub

For now, it might be a good idea to have an authentication app as a backup, such as Authy, Google Authenticator, Microsoft Authenticator, or Yubico's own authentication app However, using a security key like the Yubico 5C NFC on your desktop or laptop is an easy way to greatly improve the security of your account

Categories