SoylentNews

canopic jug [soylentnews.org] writes:

Paul Stamatiou has written a blog post about getting started with hardware security keys [paulstamatiou.com]. He provides a short introductory guide as to why they are a good idea to use, what they are, and how to get started using them:

Security keys, security tokens, U2F keys, roaming authenticators, platform authenticators—whatever you want to call them—are hardware authenticators that run public-key cryptography operations in a manner that is entirely isolated from the rest of mobile device or computer. There are two general classes of security keys: internal platform authenticators and external roaming authenticators.

Platform authenticators are integrated inside of a device. They may take the form of an integrated security chip accessible by software for the purpose of web authentication, such as the security chip in the Pixel 3, or biometrics devices like fingerprint readers and facial recognition sensors.

This article has primarily been about other variant: roaming authenticators. These are the little external hardware authenticators you connect to any device (via Bluetooth LE, NFC or USB) to carry out your authentication needs. They communicate with your computer via FIDO CTAP (Client to Authenticator Protocol).

His advice includes setting up a spare key in case the primary hardware token is lost or damaged.

Original Submission