YubiKey 5C NFC Review: The Simplest 2FA Method. Period

If you want to better secure your online accounts, the YubiKey 5C NFC is the quickest and simplest way to implement two-factor authentication (2FA) on your phone, tablet, PC, and laptop

[letsreview]

If you’re security conscious, or you’ve been burnt by online scammers and/or hackers in the past, you’ll probably know all about two-factor authentication. If you don’t, it’s basically an extra layer of security that can be applied to most of your online accounts.

Plenty of applications and software platforms now support 2FA. You’ve probably come across 2FA online. Like when you attempt to log in to an app or service and then a password is sent via SMS to your phone. This is 2FA in its most basic form. And they’re called single-use codes. Facebook uses them, and so does PayPal.

There are other, more secure methods, however, and this is what the YubiKey 5C NFC does – it uses a range of 2FA methods with a view to making all of your accounts incredibly secure. And it does it all from a single, tiny USB dongle that inserts into your phone, laptop, or tablet.

How Does The YubiKey 5C NFC Work?

The INS and OUTS of how 2FA works are actually pretty complicated, so let’s explain how the YubiKey 5C NFC works with an example. Plenty of web apps support 2FA, whereby a secondary password is required to access the platform.

This secondary, temporary password is generated by the service provider (or the app you want to access) and is normally sent to your phone via text or your inbox via email. And this is fine; it works. But it is no good if you’re out in the boonies with no reception or internet connection.

These secondary passwords are generated randomly by the service provider or application. Facebook, for example. They’re long passwords and generally speaking and more or less impossible to crack, unlike your account’s password which is probably very easy to crack in most cases.

Normally, you can store these secondary passwords on your phone, inside apps like Google Authenticator or Authy, again, which is fine. But what the YubiKey 5C NFC does is let you store them inside a secure, non-internet connected environment, meaning you and only you have access to them.

If you’re very security conscious, this is an ideal solution. Why? Simple: none of your 2FA codes are stored in the cloud. They’re hermetically sealed inside a secure device that only you have access to. And if that wasn’t enough, you can also lock down the YubiKey 5C NFC itself, giving you a third layer of protection.

How The YubiKey 5C NFC Works In Practice

Again, let’s use a real-world example here. Twitter will let you use 2FA and it even supports the YubiKey 5C NFC. Once you have the YubiKey 5C NFC setup with your phone, every time you – or someone else – attempts to open your Twitter app or your Twitter account, it will require the YubiKey 5C NFC to initiate it.

On your end, all you’ll have to do is tap the YubiKey 5C NFC to your phone to access the account or, if you’re on your PC, connect the YubiKey 5C NFC via USB and let it run its 2FA magic. You can also use the YubiKey 5C NFC with your Google account, Dropbox, and loads more online services.

Each YubiKey 5C NFC key comes with a static password too, so when you open an application or account, say Twitter, for instance, you’ll be prompted to enter your 2FA key after logging in. From here, you insert the YubiKey 5C NFC into your phone, enter a few memorized numbers, and the YubiKey 5C NFC will fill out the other 32 characters.

The benefit here is that NONE of your passwords will be stored on your phone’s password manager, everything is stored non-locally on the YubiKey 5C NFC key. And only you have access to the data on the key. And because there is no web connection on the YubiKey 5C NFC, there are no backdoors.

With respect to securing your accounts, this is about as secure as you can get. I mean, no one – meaning literally no entity on earth – would be able to get around this level of security. If you have business accounts, or accounts with sensitive information on them, something like the YubiKey 5C NFC is not only helpful, it is essential.

Is The YubiKey 5C NFC Worth It?

If you want to ensure that your online accounts are locked down, and you’d like the use 2FA to its absolute maximum potential, something like the YubiKey 5C NFC is a great piece of tech to have at your disposal – it’s cheap at just $55/£55, it is simple to set up, and it works brilliantly.

Do you need this level of security? Maybe not. But some users do and if you’re one of those types of users, and you don’t want your account’s passwords being stored in the cloud, the YubiKey 5C NFC is the easiest way to keep everything locked away offline.

But what is really cool about the YubiKey 5C NFC is its size; it is tiny, around an inch long, and it can be attached to a keychain or worn around your neck, so you have it on you at all times. And doing 2FA with a physical device means you’re not limited by cellular connectivity.

Also, you don’t need to use 2FA on all your accounts either, just the most important ones – things like your Google account and anything related to finance are probably the best place to start. Still, if you have a very popular Twitter account, it’d probably be worth locking it down with something like the YubiKey 5C NFC just to be sure.

And for just 55 bucks, the YubiKey 5C NFC is a very inexpensive way of locking down and securing your most precious online accounts with water-tight 2FA security.

Richard Goodwin

Richard Goodwin has been working as a tech journalist for over 10 years. He is the editor and owner of KnowYourMobile.