View offer on yubico

The U2F security key was created in order to provide increased security for connecting to user accounts. Google, Facebook, WordPress, etc., are services containing various types of personal data, such as photos or private discussions that are not intended for public disclosure.

Using a U2F key is undoubtedly the best way to protect your online accounts: in addition to having your login and password, you need to have the key with you…

A single password may be sufficient for people who occasionally use these services, along with double authentication (i.e. 2FA, also known as Two Factor Authentication, as popularized by Google Authenticator) whose use has expanded across various platforms. But the most experienced should start using a U2F key in order to ensure total protection of their computer accounts, whether they are social media, online file storage or otherwise.

How does a U2F key work?

Its shape is identical to a traditional USB flash drive, except the device contains no data. It actually contains a single secure chip that allows the person using it to access their account. In a certain sense, it’s like the key to a safe that there’s only one of in existence – no duplication is possible.

The proper functioning of this USB drive is based on the Universal Second Factor protocol, also abbreviated as FIDO U2F. This IT standard was developed by three companies: Google (with Google Titan), Yubico (with Yubikey NEO) and NXP. NXP also invented NFC chips. The U2F standard has been since handed over to the FIDO Alliance, which encompasses several IT companies.

We advise you to buy at least 2 copies of the key and associate both of them to your accounts. One that you keep with you at all times, and one for back-up at home.

Comparison of U2F keys 

Solo Tap - Clé de sécurité NFC authentification bi-facteurs, U2F et FIDO2 - USB-A + NFC
Yubico YubiKey 5 Nano Two Factor Authentication Security Key - Black - USB-A
BEST VALUE FOR MONEY
Yubico - Security Key NFC - USB-A - Two Factor Authentication Security Key
Yubico - YubiKey 5 NFC - USB-A - Two Factor Authentication Security Key
ChipNet FIDO U2 F – Clé de sécurité USB NFC et JavaCard, Couleur Anthracite
Titre produit
Solo Tap - NFC Security key
Yubico YubiKey 5 Nano
Yubico - Security Key NFC - USB-A
Yubico - YubiKey 5 NFC - USB-A
ChipNet FIDO U2F
Customer reviews
Water proof
RSA 4096
NFC
Ios/Android
Price
35,00 €
60,00 €
35,00 €
54,99 €
43,31 €
Our review
Apart from a different colour, nothing more than the others
A must have if you want to have it constantly plugged in.
THE reference, and in addition NFC. You won't find better
The most recent TOTP / HOTP / PIV / PGP compatible version: You have to need it for 20 euros more
This key is NFC but still a bit expensive compared to yubico.
Solo Tap - Clé de sécurité NFC authentification bi-facteurs, U2F et FIDO2 - USB-A + NFC
Titre produit
Solo Tap - NFC Security key
Customer reviews
Water proof
RSA 4096
NFC
Ios/Android
Price
35,00 €
Our review
Apart from a different colour, nothing more than the others
Yubico YubiKey 5 Nano Two Factor Authentication Security Key - Black - USB-A
Titre produit
Yubico YubiKey 5 Nano
Customer reviews
Water proof
RSA 4096
NFC
Ios/Android
Price
60,00 €
Our review
A must have if you want to have it constantly plugged in.
BEST VALUE FOR MONEY
Yubico - Security Key NFC - USB-A - Two Factor Authentication Security Key
Titre produit
Yubico - Security Key NFC - USB-A
Customer reviews
Water proof
RSA 4096
NFC
Ios/Android
Price
35,00 €
Our review
THE reference, and in addition NFC. You won't find better
Yubico - YubiKey 5 NFC - USB-A - Two Factor Authentication Security Key
Titre produit
Yubico - YubiKey 5 NFC - USB-A
Customer reviews
Water proof
RSA 4096
NFC
Ios/Android
Price
54,99 €
Our review
The most recent TOTP / HOTP / PIV / PGP compatible version: You have to need it for 20 euros more
ChipNet FIDO U2 F – Clé de sécurité USB NFC et JavaCard, Couleur Anthracite
Titre produit
ChipNet FIDO U2F
Customer reviews
Water proof
RSA 4096
NFC
Ios/Android
Price
43,31 €
Our review
This key is NFC but still a bit expensive compared to yubico.

Advantages and disadvantages 

Advantages

  • Total security: Only the person who holds the U2F key can connect to the associated account using the password. Security is therefore taken to a higher level by completely restricting access to user accounts. A password is not enough in itself; the U2F key is needed. Only the person possessing these two means of authentication can access the intended account.
  • Ease of use: When you buy a U2F security key, you simply link it to a compatible computer service. Once it’s set up, which takes very little time, there’s nothing more to do than connect the key to the computer when you need to authenticate to a site. You simply push the button on the key to verify the authentication. It’s extremely easy to use, and only takes a few additional seconds, but it ensures a higher level of security.

Disadvantages

  • An additional step: Connection to an internet service is now subject to authentication by a U2F security key, so you must remember to bring it with you at all times. If you forget to bring it, you can’t connect to your account. On the other hand, if your security key is permanently lost, a backup solution is automatically requested during configuration. It is nevertheless suggested that you have two keys: one attached to your key chain and another that’s kept in a separate place just in case (a safe, or another place in your home…).
  • An initial investment: U2F security keys cost money, of course, but it’s not that much compared to the value they provide. They start out at around ten euros, and can cost up to around fifty euros. The features vary according to price, with the most expensive keys offering other options, such as NFC chips. When you think about it, fifty euros to reduce your chances of being hacked to practically nothing…you could say it’s a real bargain!

U2F keys currently on the market

Several dozen are available. Hypersecu offers the most affordable keys on the market, at less than ten euros. The features are very basic since it’s a just mini key with a small button to verify authentication. Yubico has developed security keys which fit various types of USB ports. Another brand that’s very popular, Chipnet has the most expensive keys, but they offer the most features, such as NFC chips. 

The Yubico keys

Yubico Clé de sécurité – U2F et FIDO2, USB-A, authentification à 2 facteurs
Protect your online accounts from unauthorized access using two-factor authentication with this security key.
Works with Gmail, Facebook, Dropbox, Twitter, Dashlane and many other services.
Durable, waterproof, and crush-resistant - simply attach it to your key ring.
Supports FIDO2 and FIDO U2F protocols only
Made in Sweden
Yubico Clé de sécurité YubiKey 4 Nano FBA_Y-159
The YubiKey 4 Nano offers strong authentication via our Yubico OTP (one-time password) service, FIDO U2F (Universal 2nd Factor) protocol, and a smart card (PIV, OpenPGP, OATH-TOTP and OATH-HOTP) -- all at the touch of a button.
Works instantly without the need to enter a code -- replacing SMS or authentication software, RSA tokens and other devices
Identifies itself as a USB keyboard and smartcard and smartcard reader combination -- no driver or client software required, no battery or removable part
The FIDO U2F is waterproof, shock-resistant and virtually indestructible in normal use. It weighs only 1 gram and fits almost entirely into a USB port.
Produced in the USA and Sweden with a high level of safety and quality
Yubico - YubiKey 5 NFC - USB-A - Two Factor Authentication Security Key
  • Protect online accounts against unauthorized access by using two factor authentication with this security key.
  • Works with Gmail, Facebook, Dropbox, Twitter, Dashlane, LastPass and hundreds of other services
  • Extremely secure and durable - YubiKeys are tamper proof, water resistant, and crush resistant
  • Fits USB-A computer ports and designed to stay in port | Touch based authentication for NFC supported Android and iOS devices and applications
  • Multi-protocol support: FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV), OpenPGP, Challenge-Response; Made in USA
Yubico - YubiKey 5C - USB-C - Two Factor Authentication Security Key
  • Protect online accounts against unauthorized access by using two factor authentication with this security key.
  • Works with Gmail, Facebook, Dropbox, Twitter, Dashlane, LastPass and hundreds of other services
  • Durable & water resistant
  • Fits USB-C computer ports and designed to fit on your keychain
  • Multi-protocol support: FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV), OpenPGP, Challenge-Response

Website compatibility with U2F keys

Several hundred sites or services currently allow connection with a U2F key. Here is a non-exhaustive list of companies:

Password

  • 1Password
  • Dashlane
  • KeePass

Developper

  • Bitbucket
  • Github
  • Sentry
  • AWS

CMS

  • Blogger
  • Drupal
  • Joomla
  • WordPress

OS

  • CentOS
  • Debian
  • MacOS
  • Microsoft
  • Red Hat
  • Ubuntu

Crypto

  • BitBay
  • Bitfinex
  • Bitmex
  • Brave
  • Binance
  • Kraken

Social

  • Facebook
  • Instagram
  • Twitter
  • Reddit
  • Youtube

Business

  • Citrix
  • Google
  • IBM
  • SalesForce
  • Team Viewer
  • ZenDesk

Games

  • Electronic Arts
  • Epic Games

Others

  • Fastmail
  • ProtonMail
  • Shopify
  • Dropbox
  • Trello

 

Several hundred sites currently allow connection with a U2F key. Among them all the services of Google (Gmail, Drive, Hangouts…), Facebook, Twitter, Dashlane, Dropbox or WordPress.

Other services such as FastMail, PushCoin or Sentry.

For the most geeks among you, you can also manage the login of your PC or Macbook with a U2F key.

The list is constantly updated according to the evolution of the sites and their policies. Check with the support of the sites you visit to find out if they use U2F key logon. 

U2F keys of other brands

ChipNet FIDO U2 F – Clé de sécurité USB NFC et JavaCard, Couleur Anthracite
USB + NFC (FIDO U2F Security Key) for PC, Mac and Android mobile devices with NFC (Near Field Communication), OEM manufacturing with specifications adapted to the market and with strict quality control carried out by the best professionals in the sector.
Two-step verification on Facebook, Google, Gmail, Dropbox, OneDrive, GitHub and many new services that now use this new security measure.
Auto - installable on Windows, Mac, Linux and Android. Very easy to use, without having to install any drivers or programs.
Web support with Spanish user manuals
Feitian ePass FIDO-NFC Security Key
Wireless communication powered by USB and NFC for compatible devices.
Supports Chrome OS, Windows, MacOS, Linux and Android.
Prevents phishing or man-in-the-middle. Site-specific keys. Pre-installed OATH OTP applet.
CCID-compatible USB, including secure element and JavaCard.
Stock and support from France and UK.
ChipNet Fido U2 F Basic – Clé de sécurité USB pour vérification en Deux étapes, Couleur Noir
USB security key (Fido U2 F) for PC, Mac
Two-step verification of Facebook, Google, Gmail, Dropbox, OneDrive, GitHub, and other services that go along with this new security measure.
Auto-installation on Windows, Mac and Linux. Very easy to use, without installing any drivers or programs.
Spanish user guides and personalized after-sales support
Hyperfido Pro Mini U2F/FIDO2/HOTP Clé de sécurité
  • FIDO2 pris en charge.
  • Prise en charge FIDO U2F
  • Oath HOTP (mot de passe unique basé sur un événement) pris en charge.

How does the 2FA system work?

To go further, U2F keys are a dual authentication system to prevent hacking and piracy, the 2FA system reinforces cybersecurity. 2FA means: two-factor authentication, or two-step validation.

2FA requires two different ways of identifying oneself in order to connect to a service or one’s account. For example, withdrawing money from an ATM requires the insertion of the bank card and then the PIN (personal identification number). Other types of 2FAs work with a single-use code, changing with each connection, for example with Google Authentificator.

Types of 2FA system

The 2FAs by sms work by receiving a different code by sms. More efficient, the 2FA by authentication application produces codes locally from the mobile device used. It uses a start key called “seed”, which is generated and stored in the server. It is encoded and synchronized with the time and date, as soon as you connect. The 2FAs by login validation use public key cryptography to verify identity. Finally, the U2F (two steps verification) is the improved version of the 2FA, using an independent component: smart card, login token or fido u2 security key.

Disadvantages of 2FA

If the user of a 2FA to sms is in an area not covered by the server, he will not receive sms. The disadvantage is that scammers can connect to a mobile phone using the SIM Swap technique. Therefore, it is not recommended to use the 2FA by sms. Even the 2FA by login validation are vulnerable, because if a mailbox is hijacked, passwords can be reset and the verification code sent by mail to the malefactor.

Close Menu