What's the best U2F key?

I would love to see a Level1 video on the current state of U2F products and authenticator apps.

I’m nearly in the market of buying a new phone. And I’m dreading the day because I’ll have to deactivate 2FA on a lot of accounts, just so I can enable it again on my new phone with a new app.

With that said, I understand these types of products might be of benefit for me because in combination with an app, it seems like the seeds are stored on the physical product.

Is that true?

The only products I have recently discovered are Google Titan, Nitrokey, and Yubikey.

Are there others? Which physical product are you using, and which app have you paired it with? Have you had success using backups/switching devices etc?

Thanks!

Edit: I guess this is a little more complicated than I thought. The authenticator apps I’m used to use TOTP (time-based one-time password), while U2F is, I guess, something different.

3 Likes

YubiKey, hands down. I’ve tried Titan and Yubi.

Can vouch for YubiKey as well, we use it at work for most of our enterprise clients when authenticating for RDP in Windows Server. Very simple to swap out keys and maintain, secure as well.

1 Like

My only issue with potentially using YubiKey is that it is developed by Google and I am sure we all know what Google likes to do with people’s data. Hoard and exploit it to their benefit and our detriment.

No, it’s not… It’s developed by Yubico.

2 Likes

Google’s key is named Titan, if I recall correctly.

Edit: Oh it is in the first post xD

1 Like

This is true.

The Bluetooth Titan key also has a hardware flaw. Google are replacing them. Just FYI for anyone who might have one.

1 Like

Yubikey is the best hardware key, but more importantly, you should switch to Authy. It stores all your 2FA keys in their cloud and is end-to-end encrypted so they’re secure. This makes it super easy to switch phones.

https://authy.com/

1 Like

Yeah, nice try NSA

2 Likes

Is this true? If this is the case then I would totally move to Authy. I currently use Google Authenticator and a few months ago I found out the pain of needing to move every single 2FA account to a new phone. I started with my Google account and stopped there, it was a pain. I’d rather not do this every time I get a new phone.

Yes, most of them store the TOTP locally only.

LastPass also has a TOTP app and sync function, as does 1Password.

Thanks, good to know.
I can finally sell or give away my old S6.

They do but again, it isn’t a good idea to have your password manager and 2FA in the same app.

1 Like

The fluff Oo
The idea of 2FA is to mix 2 types of auth factor. You just change something you own for another password (something you know). This is no longer 2FA … I guess it’s still better than just a single pass…

YubiKeys are nice, but last time I checked they don’t sell the ultimate key yet. You have to choose between NFC and the type of proto you need.