The Strongest Protection for Your Online Accounts? This Little Key
Kanebridge News
Share Button

The Strongest Protection for Your Online Accounts? This Little Key

Passwords aren’t enough to fend off hackers; these dongles are the best defense

By NICOLE NGUYEN
Mon, Mar 27, 2023 9:18amGrey Clock 4 min

Strong passwords are very important, but they’re not enough to protect you from cybercriminals.

Passwords can be leaked or guessed. The key to online security is protecting your account with a strong secondary measure, typically a single-use code. This is referred to as “two-factor authentication,” or 2FA, as the nerds know it.

I’ve written about all the different types of 2FA, such as getting those codes sent via text message or generated in an authenticator app. Having any kind of second factor is better than none at all, but physical security keys—little dongles that you plug into a USB port or tap on your phone during account logins—offer the highest level of protection.

Security keys have been around for over a decade, but now they’re in the spotlight: Apple recently introduced support for them as an optional, added protection for Apple ID accounts. Last month, Twitter removed text-message-based authentication as an option for nonpaying users, recommending instead an authenticator app or security key.

Some people are hesitant to use security keys because carrying around a physical object seems burdensome and they come with a $30-and-up added cost. Plus, what happens if they get lost?

I’ve used security keys since 2016 and think they are actually easier to manage than codes—especially with accounts that don’t require frequent logins. They’re not only convenient, but they can’t be copied or faked by hackers, so they’re safer, too.

Here’s how to weigh the benefits and common concerns of adding one or two of these to your keychain.

Which security key should I use?

Many internet services support the use of security keys, and you can use the same security key to unlock accounts on many different services. I recommend two from industry leader Yubico:

  • YubiKey 5C NFC ($US55) if you have a USB-C laptop or tablet
  • YubiKey 5 NFC ($US50) for devices with older USB ports

Other options include Google’s Titan security keys ($30 and up). In addition to working with laptops and tablets with USB ports, these keys are compatible with smartphones that have NFC wireless. Most smartphones these days have that, since it’s the technology behind wireless payments such as Apple Pay.

Adam Marrè, chief information security officer at cybersecurity firm Arctic Wolf, recommends that your chosen key is certified by the FIDO Alliance, which governs the standards of these devices.

How do security keys work?

To add a key, look in the security settings of your major accounts (Facebook, Twitter, Google, etc.). During setup, it will prompt you to insert the key into your laptop or tablet’s port or hold the key close to your phone for wireless contact.

Apple requires you to add two security keys to your Apple ID account, in case you lose one.

Typically, when you log in, you just go to the app or website where you’ve set up a key, enter your username and password as usual, then once again insert the key into the device or hold it close. (Some keys have a metal tab you have to press to activate.) At that point, the service should let you right in.

Why are they so secure?

Getting those two-factor login codes via text message is convenient, but if you are someone criminals are targeting, you could be the victim of SIM swapping. That’s where thieves convince carriers to port your number to a new phone in their possession, and they use it along with your stolen password to hack your accounts.

Even if they don’t go to all that trouble, criminals might try to trick you to hand them your codes, by calling you or spoofing a website you typically visit. At that point they can use the code for about 60 seconds to try to break in, said Ryan Noon, chief executive at security firm Material Security.

Security keys protect you in two ways: First, there’s no code to steal, and second, they use a security protocol to verify the website’s domain during login, so they won’t work on fake sites.

You can also add an authenticator app such as Authy to your most important accounts, to use only as a backup. But once you add these secure methods, you should consider removing the text-message code option.

In the rare case that someone snoops your passcode then steals your iPhone, beware: The perpetrator could still make Apple ID account changes using only the passcode, and even remove security keys from your account.

What happens if you lose your key?

The most important rule of security keys is to buy an extra one (or two).

“Think of your security key as you would a house or car key,” said Derek Hanson, Yubico’s vice president of solutions architecture. “It’s always recommended that you have a spare.”

If you lose a security key, remove it from your accounts immediately. You should have already registered your spare or an authenticator app as a backup to use in the meantime.

Where can you use a security key?

Start with your most valuable accounts: Google, Apple, Microsoft, your password manager, your social–media accounts and your government accounts.

When it comes to financial institutions, many banks don’t offer security-key protection as an option, though most leading crypto exchanges do.

What comes after security keys?

Security professionals and tech companies widely agree that passkeys are the future. They’re a new type of software option that combines the high security of a physical key with the convenience of biometrics such as your face or fingerprints. Passkeys are supported across the Android, iOS, Mac and Windows platforms, and some of your favourite sites already let you use them.

You can create a passkey on Facebook in security settings by following the app’s instructions under the security-key option. Dropbox has a similar passkey setup. Once you’re done, you’ll use your face or fingerprint as a second factor, instead of a code or key.

Eventually, physical security keys could be what we keep safe in strong boxes, as backups for our biometric-enabled passkeys. Even then, you’re probably going to want to have spares.



MOST POPULAR
11 ACRES ROAD, KELLYVILLE, NSW

This stylish family home combines a classic palette and finishes with a flexible floorplan

35 North Street Windsor

Just 55 minutes from Sydney, make this your creative getaway located in the majestic Hawkesbury region.

Related Stories
Money
New York Watch Auctions Record Uptick in Sales in the Face of Market Slowdown
By LAURIE KAHLE 24/06/2024
Money
The Crazy Economics of the World’s Most Coveted Handbag
By CAROL RYAN 24/06/2024
Lifestyle
Why It’s Easier Than You Think to Score a Coveted Table When Visiting Paris for the Olympics
By SHIVANI VORA 23/06/2024
New York Watch Auctions Record Uptick in Sales in the Face of Market Slowdown
By LAURIE KAHLE
Mon, Jun 24, 2024 4 min

Luxury watch collectors showed ongoing strong demand for Patek Philippe, growing interest in modern watches and a preference for larger case sizes and leather straps at the June watch sales in New York, according to an analysis of the major auctions.

Independent and neo-vintage categories, meanwhile, experienced declines in total sales and average prices, said the report from  EveryWatch, a global online platform for watch information. Overall, the New York auctions achieved total sales of US$52.27 million, a 9.87% increase from the previous year, on the sale of 470 lots, reflecting a 37% increase in volume. Unsold rates ticked down a few points to 5.31%, according to the platform’s analysis.

EveryWatch gathered data from official auction results for sales held in New York from June 5 to 10 at Christie’s, Phillips, and Sotheby’s. Limited to watch sales exclusively, each auction’s data was reviewed and compiled for several categories, including total lots, sales and sold rates, highest prices achieved, performance against estimates, sales trends in case materials and sizes as well as dial colors, and more. The resulting analysis provides a detailed overview of market trends and performance.

The Charles Frodsham Pocket watch sold at Phillips for $433,400.

“We still see a strong thirst for rare, interesting, and exceptional watches, modern and vintage alike, despite a little slow down in the market overall,” says Paul Altieri, founder and CEO of the California-based pre-owned online watch dealer BobsWatches.com, in an email. “The results show that there is still a lot of money floating around out there in the economy looking for quality assets.”

Patek Philippe came out on top with more than US$17.68 million on the sale of 122 lots. It also claimed the top lot: Sylvester Stallone’s Patek Philippe GrandMaster Chime 6300G-010, still in the sealed factory packaging, which sold at Sotheby’s for US$5.4 million, much to the dismay of the brand’s president, Thierry Stern . The London-based industry news website WatchPro estimates the flip made the actor as much as US$2 million in just a few years.

At Christie’s, the top lot was a Richard Mille Limited Edition RM56-02 AO Tourbillon Sapphire
Richard Mille

“As we have seen before and again in the recent Sotheby’s sale, provenance can really drive prices higher than market value with regards to the Sylvester Stallone Panerai watches and his standard Patek Philippe Nautilus 5711/1a offered,” Altieri says.

Patek Philippe claimed half of the top 10 lots, while Rolex and Richard Mille claimed two each, and Philippe Dufour claimed the No. 3 slot with a 1999 Duality, which sold at Phillips for about US$2.1 million.

“In-line with EveryWatch’s observation of the market’s strong preference for strap watches, the top lot of our auction was a Philippe Dufour Duality,” says Paul Boutros, Phillips’ deputy chairman and head of watches, Americas, in an email. “The only known example with two dials and hand sets, and presented on a leather strap, it achieved a result of over US$2 million—well above its high estimate of US$1.6 million.”

In all, four watches surpassed the US$1 million mark, down from seven in 2023. At Christie’s, the top lot was a Richard Mille Limited Edition RM56-02 AO Tourbillon Sapphire, the most expensive watch sold at Christie’s in New York. That sale also saw a Richard Mille Limited Edition RM52-01 CA-FQ Tourbillon Skull Model go for US$1.26 million to an online buyer.

Rolex expert Altieri was surprised one of the brand’s timepieces did not crack the US$1 million threshold but notes that a rare Rolex Daytona 6239 in yellow gold with a “Paul Newman John Player Special” dial came close at US$952,500 in the Phillips sale.

The Crown did rank second in terms of brand clout, achieving sales of US$8.95 million with 110 lots. However, both Patek Philippe and Rolex experienced a sales decline by 8.55% and 2.46%, respectively. The independent brand Richard Mille, with US$6.71 million in sales, marked a 912% increase from the previous year with 15 lots, up from 5 lots in 2023.

The results underscored recent reports of prices falling on the secondary market for specific coveted models from Rolex, Patek Philippe, and Audemars Piguet. The summary points out that five top models produced high sales but with a fall in average prices.

The Rolex Daytona topped the list with 42 appearances, averaging US$132,053, a 41% average price decrease. Patek Philippe’s Nautilus, with two of the top five watches, made 26 appearances with an average price of US$111,198, a 26% average price decrease. Patek Philippe’s Perpetual Calendar followed with 23 appearances and a US$231,877 average price, signifying a fall of 43%, and Audemars Piguet’s Royal Oak had 22 appearances and an average price of US$105,673, a 10% decrease. The Rolex Day Date is the only watch in the top five that tracks an increase in average price, which at US$72,459 clocked a 92% increase over last year.

In terms of categories, modern watches (2005 and newer) led the market with US$30 million in total sales from 226 lots, representing a 53.54% increase in sales and a 3.78% increase in average sales price over 2023. Vintage watches (pre-1985) logged a modest 6.22% increase in total sales and an 89.89% increase in total lots to 169.

However, the average price was down across vintage, independent, and neo-vintage (1990-2005) watches. Independent brands saw sales fall 24.10% to US$8.47 million and average prices falling 42.17%, while neo-vintage watches experienced the largest decline in sales and lots, with total sales falling 44.7% to US$8.25 million, and average sales price falling 35.73% to US$111,000.

MOST POPULAR
11 ACRES ROAD, KELLYVILLE, NSW

This stylish family home combines a classic palette and finishes with a flexible floorplan

35 North Street Windsor

Just 55 minutes from Sydney, make this your creative getaway located in the majestic Hawkesbury region.

Related Stories
Property
Belle Epoque Estate Lists in France’s Fragrant Perfume Capital
By CHAVA GOURARIE 21/06/2024
Property
Thousands of Australian companies on the brink of going into administration as EOFY nears
By Bronwyn Allen 21/06/2024
Lifestyle
Celebrations Big and Small Are Getting Longer and More Extravagant for the Rich
By SHIVANI VORA 21/06/2024
0
    Your Cart
    Your cart is emptyReturn to Shop