You don’t use a security as much for your own logins but rather to prevent others from accessing your accounts. They use the FIDO2 protocol, which has been widely adopted by major tech companies, but is far from universal. Unless someone has your security key, they can’t get into your account. When you plug it into your computer, that data is read, and it works like a key in a lock, providing a second factor that unlocks a digital door. Your authenticator app, or password manager handling these codes, shows a countdown as the time progresses, and generates a new code when the time runs out.Ī security key is essentially a mini flash drive that contains a tiny bit of data, which is a cryptographic key.
Each code is valid for thirty seconds, because both the server you’re logging into and the authenticator app know what time it is. They create unique, time-limited, one-time passwords. Or someone could clone your phone, getting a SIM card with the same number as you, intercepting your messages in real time.Īuthenticator apps are another option. Someone could steal your phone, and, even if they can’t unlock it, if you have your device set to show the content of your messages on the lock screen, they can see your codes as they arrive. SMSs are not encrypted, and can be intercepted in transit. SMS is practical and fast, but it has security risks. In this article, I’m going to explain why you might want to use a security key to protect certain accounts, how to set one up, and how to use it. They are portable, like flash drives, and easy to use. Security keys are another way to add an additional authentication factor. But SMS is inherently insecure, and other methods are needed to ensure optimal security. In many cases, these codes are sent by SMS text messages, and must be used within a few minutes. This combines something you know – your user name and password – with something you have, which is generally a code that is generated on demand. In order to ensure security, most sensitive services now offer two-factor authentication (sometimes called two-step authentication). If someone gets access to some of your accounts – especially your email account – they can get access to others, and potentially usurp your identity.
Protecting your online accounts has become more important, as so much of our lives takes place on websites, via email, and through messaging. How To How to Use a Security Key to Protect Sensitive Online Accounts
0 kommentar(er)
