How to Use a U2F Key to Secure Your Crypto Accounts

2020-2-9 20:32

Universal 2nd Factor (U2F) is an open standard for strengthening two-factor authentication. It involves the use of a physical key to reinforce 2FA, hardening your online accounts from attack. In this guide, we’ll explain how to use a Yubikey to lock down your exchange account, email account, and other valuable online accounts.

Also read: German Economy in Risk of Recession Amid Weak Demand, Tariff Threat, and Epidemic

U2F Is Physical 2FA for the Security Conscious

If you’re at heightened risk of online attack, say, cos you’re a sysadmin or cryptocurrency trader, you should take steps to secure your accounts. Most bitcoiners already use 2FA, such as the Google Authenticator app, to secure their crypto accounts. U2F takes that to another level by mandating use of a physical key that is inserted into the USB port of your device, or held in proximity to your smartphone if it’s an NFC key. Even in the event of malware being installed on your computer, or your 2FA recovery codes being stolen, a U2F key should keep attackers at bay.

For the purposes of this guide, we’ll be using a Yubikey, one of the most popular devices on the market. (Google, for its part, also recommends the Feitian keys.) Manufacturer Yubico boasts “Zero recorded account takeovers in 11 years” because “the physical key requires a human touch and cannot be remotely hacked.” Lose your key, however, and things get a little complicated, since unlike Google Authenticator, Yubikeys don’t come with recovery codes. We’ll troubleshoot that problem shortly, once we’ve covered the basics.

Feitian’s Multipass FIDO key works with Bluetooth, USB-C and NFC One Key to Secure Them All

Yubikeys retail for around $50 apiece and, like hardware wallets, are best ordered direct from the manufacturer to prevent tampering. Yubico supplies a range of keys including a Nano version whose compactness makes it suitable for leaving permanently plugged in to the USB slot of a trusted desktop computer. The 5 series is the range that most consumers will opt for. They’re designed to secure Google, Microsoft, Github, Dropbox, Facebook, Twitter, and Lastpass accounts, as well as various crypto related platforms.

Yubico works with Binance, Bitfinex, Bitmex, Kraken, and hundreds more companies across dozens of industries. Attend any developer-oriented crypto conference and you’ll see U2F keys plugged into laptops and dangling from keychains worn by delegates. You don’t have to be in charge of your team’s Github repo to warrant a Yubikey, however – simply holding crypto on a centralized exchange can be cause enough. Plus, in an era of NFC, biometrics, QR codes, and contactless payments, it feels badass to be carrying a physical key with magical powers.

Using Your U2F Key

If you’re intent on locking down your accounts with the aid of a Yubikey or similar U2F device, the first place to start is your email. If you’re a Google user, the Advanced Protection portal will guide you through the process. Other email providers including Protonmail also support the U2F protocol.

Pairing a Yubikey with Google.

Next, you should secure your cryptocurrency accounts, including any exchanges you trade on, in the same manner. Add a Yubikey to your Binance account, for instance, and you’ll be prompted to plug it into your computer every time you log in or withdraw. It effectively replaces the 2FA you will have been using up until now.

Pairing a Yubikey with Binance

If you’re wondering what happens if your U2F key is lost, broken, or stolen, many sites will let you pair multiple keys, providing redundancy in the event of key loss. Unfortunately, Binance is not one of them. Lose your key and you’ll need to initiate Binance’s account recovery process, which may take a few days to complete and will require alternate verification.

Every time you log in to Binance you’ll see this message

U2F keys aren’t perfect, then, or to be more accurate, there are situations where their security model comes at the expense of convenience. If you’re intent on using one, though, that’s a sacrifice you’ll be willing to make in the quest of greater security. Where possible, pair two U2F keys with each of your online accounts, and keep your master key securely stored on a chain at all times. Once implemented, using a U2F key every time you log in will become second nature.

What’s your experience of using U2F keys? Would you recommend them? Let us know in the comments section below.

Disclaimer: This article is for informational purposes only. It is not an offer or solicitation of an offer to buy or sell, or a recommendation, endorsement, or sponsorship of any products, services, or companies. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Images courtesy of Shutterstock.

Did you know you can verify any unconfirmed Bitcoin transaction with our Bitcoin Block Explorer tool? Simply complete a Bitcoin address search to view it on the blockchain. Plus, visit our Bitcoin Charts to see what’s happening in the industry.

The post How to Use a U2F Key to Secure Your Crypto Accounts appeared first on Bitcoin News.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Know Your Developer (KYD) на Currencies.ru

$ 0.0030039 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $0.0030039 - H: $0.0030039
Капитализация $0 Rank 3603
Цена в час новости $ 0.0031597 (-4.93%)

your accounts use u2f account online key

your accounts → Результатов: 122


Фото:

2FA codes are great for security, except when 26M of them are leaked

Just when you thought two-factor authentication was enough to secure your online accounts, a troubling discovery shows how this system can be comprised, thanks to human error. TechCrunch reports that a database of text messages containing more than 26 million 2FA codes, password reset links, and delivery tracking details was left out in the open … This story continues at The Next Web

2018-11-16 13:22


Фото:

Poloniex Revised Terms of Use, Shutters Services in Several Countries

With a revision to the popular exchange’s terms of use, users from a handful of jurisdictions will have their access to Poloniex shuttered. According to an October 18, 2018, update, “the websites and the services offered by Poloniex (as defined below) are NOT addressed to persons who have their registered office or place of residence in China, Germany, Pakistan, the U.

2018-10-26 22:46


Фото:

Singapore’s financial regulator wants its banks and blockchains to be friends

Singapore’s financial regulator has revealed it will help local cryptocurrency firms set up traditional bank accounts, to help boost the country’s fintech economy. “What we are trying to do is to bring the banks and cryptocurrency fintech startups together to see if there is some understanding they can reach,” Monetary Authority of Singapore managing director Ravi Menon told Bloomberg.

2018-10-11 13:52


Galion.io ICO

Galion will allow you to handle all your assets and access all your financial services, crypto or not: bank accounts, crypto and fiat trading accounts, credit card services, etc. Galion will deploy a revolutionary financial management platform, powered by the Galion Token to allow you to access the best financial expertise available.

2018-7-16 19:22


Фото:

Yes, you’re losing Twitter followers. No, it’s not because you’re an asshole (probably).

Twitter today announced it’d be removing locked accounts from users’ follower counts.  If you’ve noticed a precipitous drop in follower counts today, it’s not you — it’s your followers. Reports surfaced earlier this week that Twitter had suspended a multitude of fake accounts in the months of May and June — apparently in an attempt to curb the rise of bot and their accompanying cocktail of issues.

2018-7-12 02:47