Two-factor authentication is a quick, easy way to add extra security to your accounts (or password managers). For even more security and peace of mind, consider buying a hardware token like the YubiKey or Google Titan.
They’re incredibly easy to set up, and as long as you keep the USB accessory on or near you—on your keyring, for example — you’ll be able to authenticate into supported accounts and services as quickly as typing in a password. And since nobody else will have your hardware authenticator, your accounts will be protected from other attackers.
Setting up a hardware token is simple
I have both a Google Titan and a Yubikey hardware token, and setting them up is as complicated as adding two-factor authentication to an account — which is to say, not complicated at all. All you have to do is visit your two-step authentication page on Google and select the option to add a new security key.
You then insert the key into a USB port on your computer, tap its button, and that’s it. Your key is now registered to your account, and will become your primary authentication method going forward.
When you go to log into your account on a new computer, you’ll see this prompt. And when you do, you’ll need to plug in your key, hit the button and that’s it.
What about other services?
You can use a Google Key with other sites and services, such as Facebook or Twitter. It doesn’t work with LastPass as of when we wrote this article — annoyingly enough — but using another hardware token like the YubiKey is just as easy.
For example, setting it up requires you to pull up LastPass’ settings; click on the YubiKey option under Multifactor Options; enable the token; and officially adding it by clicking on the “YubiKey #1″ field, inserting your token, and hitting the button.
This might sound like a lot, but it’s hardly more difficult than Google’s process. It took me the same amount of time to add a YubiKey to LastPass as it took to add a Google Titan key to my Google account—and if I wasn’t testing both, I’d probably just stick with the YubiKey, since it makes more sense to have one key you can use for all your services.
You might not ever need this much firepower, especially if you’re already using 2FA, but this is definitely one of those “if you get hacked, you’ll wish you had it” kind of preventative steps that’s easy to implement.