+ Tuesday October 15th, 2019

Security and authentication are big, complicated problems that lots of companies are trying to improve. It’s not good enough to just set a password on something – passwords can be shared and compromised. Provision and use of two-factor authentication systems have seen a big rise in recent years after high-profile hacks, and Yubico – one of the longest-standing companies serving this area – today launched a security key designed to work across PCs, Macs, Android and iOS devices.

The YubiKey 5Ci features a USB-C connector at one end that’ll work in most modern laptops and Android devices, and an Apple Lightning connector on the other. It’s tiny – the size of a small USB flash drive, and not much wider than the ports it plugs into – and supports all the major security key standards and protocols. If you’re moving between platforms a lot, the dual connector will be a godsend.

YubiKeys are great options for adding to your keyring. They’re water- and crush-resistant, and they’re designed to live on your keyring for years (I’ve had an older model on my keyring for years and only recently retired it). You can use them with your social accounts, your Google account, and most password managers can be configured to require them. Ubico also has its own one-time password generator app that hides the generated codes until the key is inserted.

If you’ve ever used a security key before, the experience is the same – you’ll authenticate to whatever service for which you’ve set the key up, and then you’ll be asked to insert it. If you lose the key, you’ll need to obtain a new one and go through the enrollment process with your services again. Yubico recommends purchasing two keys to provide a bit of redundancy on this front, and they have a good point – you keep spare keys for your house and car, so why wouldn’t you do the same for authentication?

On most devices security keys are supported at the OS level via USB, but on iOS the apps need to integrate an SDK to use the YubiKey inserted in the Lightning port. Yubico says they hope that this will be easier over time with Apple tightening up and doubling down on personal security for its users, but an SDK is just as good a solution for now. Brave Browser is one of the first browser apps on iOS to support second-factor authentication using YubiKey.

If you’re not using a security key to provide two-factor protection for your major accounts and services, you really should consider getting one and setting it up as an extra option. Part of taking responsibility for securing your accounts is anticipating the methods you’ll use to get into your accounts under normal circumstances and then exceptional (if something’s wrong). If you were to lose your phone you’d still be able to log in to your accounts and services on a compatible device, and if you lose your UbiKey then you’d probably still be able to get an SMS.

Speaking of which, Yubico says there’s a LOT of Australians interested in securing their accounts, with around 100,000 personal keys shipped into the country over the years. A much larger number have made it into enterprises, with the company finding favour amongst higher education and government. Yubico also says there’s a couple of local clients working with their iOS SDK as well.

YubiKeys are available from Yubico’s website with a variety of different connectors according to your needs – head over to yubico.com/store. The new YubiKey 5Ci is USD$70. If you don’t need the Apple Lightning connector, you might be more interested in the UbiKey 5C with only the USB-C connector at USD$50, or the more classic-styled YubiKey 5 NFC (NFC with a USB-A connector) for USD$45 – you can use it on anything with an adapter (and remember to add an extra USD$5 for delivery).

Jason Murray   Deputy Editor

Jason Murray

Before discovering the Nexus One, Jason thought he didn't need a smartphone. Now he can't bear to be without his Android phone. Jason hails from Sydney, Melbourne or Brisbane depending on his mood and how detailed a history you'd like. A web developer by day with an interest in consumer gadgets and electronics, he also enjoys reading comics and has a worryingly large collection of Transformers figures. He'd like to think he's a gamer, but his Wii has been in a box since he moved to Sydney, and his PlayStation Vita collection is quite lacking. Most mornings you'll find him tilting at various windmills on Twitter - follow @JM77 and say hi!

Check Also

Get 4 months free trial with Circles.Life if you sign up by October 22

We covered the Australian launch of all-digital mobile operator Circles.Life last month, and today they’ve …