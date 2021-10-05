



YubiKey Bio hardware security keys have USB-C and USB-A options.

Stephen Shankland / CNET

Hardware security key maker Yubico launched two new USB models with fingerprint recognition on Tuesday, adding a level of login security to a single device.

Hardware security keys such as Yubico are often used in combination with passwords to enhance the traditional login process. Even a hacker with a password will not be able to access your account without a security key. Hackers can’t download millions of hardware security keys, unlike the case of stolen passwords.

YubiKey Bio adds another layer of protection to the authentication process by enabling fingerprints, the second element of identification. This can completely replace the password for sites that can register keys like Microsoft. The key itself stores the fingerprint data and notifies the site that the authentication was successful.

Yubico’s new $ 85 UBS-C and $ 80 USB-A keys are part of the growing movement to overthrow passwords, which is the dominant method of login technology. Passwords are convenient and familiar, but face many security drawbacks. They can be stolen, forgotten, reused, or easily guessed.

High-tech giants like Microsoft, Facebook, and Google have emphasized the weaknesses of passwords, and in some cases, go beyond them altogether. In addition to hardware security keys, the technology industry is mitigating password issues with biometrics, phone authentication apps, and authentication standards called FIDO (Fast Identity Online).

I tried YubiKeyBio with a Microsoft account without a password and found that it was easy to set up the process of adding the hardware security key provided on the Microsoft account page. ([セキュリティ]Go to section, then[セキュリティの詳細オプション]Go to the subsection. After registering your fingerprint, login includes entering a username, inserting a key, and touching YubiKeybio’s fingerprint sensor.

The key also supports a PIN code. This may be useful for sites that do not support the biometric approach. However, it does not support NFC wireless links that other security keys use to communicate with the phone.

Released around the same time as National Cybersecurity Awareness Month, YubiKeyBio is not the first biometric security key. Feitian, a Chinese company that also manufactures Google’s Titan hardware security keys, has been selling BioPass keys for years. Based in Sweden, YubiCo is the largest security key maker.

To register YubiKey Bio for use on your website, you need to register your fingerprint, similar to the setup process you’ve experienced on your phone or PC.

Screenshots by Stephen Shankland / CNET

A serious failure has prevented hardware security keys from becoming mainstream. The difference from traditional physical keys outweighs the apparent similarity. It’s much more expensive than traditional keys and you can’t make a copy at a mall kiosk. Hardware security keys are also more complex to manage, such as registering for use on multiple websites.

If you put up with the hassle, hardware keys offer great security benefits. Since the hardware key is registered on a particular website, it protects against phishing attempts using fake websites. Unlike traditional keys, you can log on to many sites with a single hardware security key.

