This isn’t strictly a privacy question so much as a security one, so I’m asking this in the context of individuals, not organizations.

I currently use OTP 2FA everywhere I can, though some services I use support hardware security keys like the Yubikey. Getting a hardware key may be slightly more convenient since I wouldn’t need to type anything in but could just press a button, but there’s added risk with losing the key (I can easily back up OTP configs).

Do any of you use hardware security keys? If so, do you have a good argument in favor of or against specific keys? (e.g. Yubikey, Nitrokey, etc.)

  • Kindness@lemmy.ml
    9 months ago

    You should always back up your OTP secrets, but I agree Yubikeys are a good choice. You can get USB A for $25. I think the Yubikey 5 grants you app access for an additional $25 or more? Pass.

    • 4vr@lemmy.ca
      9 months ago

      What I did was to use KeePass to store most of TOTP and use Yubikey to unlock it. Absolutely critical ones like email are saved directly in Yubikey.