When it comes to 2FA keys, the Yubikey is considered the gold standard. But since there are multiple keys that they offer – the 5 series, the new Bio and even the budget security key – choosing the best YubiKey can be a bit confusing. So when you compare the 5 NFC vs Bio, which YubiKey should you get? This guide will help you.
Although Yubico, the parent company behind all of the Yubikey 2FA keys, offers a number of different kinds of physical devices, we’re going to focus on the three most popular here:
- Yubikey Security Key
- Yubikey 5 NFC
- Yubikey Bio (new)
By comparing these three 2FA keys and explaining the important differences, you should be able to make an informed decision about which is right for you.
Note: Some of the links in this article may be affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed. I only recommend what I personally have used, and I appreciate your support!
Yubikey 2FA Key Comparison Chart
To help you make an informed decision, here’s a quick Yubikey comparison chart the various features and benefits of their most popular 2FA keys, including the new Bio.
Yubikey 5 NFC
*all prices listed in US Dollars
**although the 5 NFC doesn’t have a lightning port, the 5Ci does
***One-Time Passcode; see below for further explanation
How to Choose the Best Yubikey 2FA Key
Based on the chart above comparing the Security Key vs Yubikey 5 NFC vs Yubikey Bio, you can see the primary differences between the keys.
In order for you to choose the best Yubikey 2FA key for you, here are the three primary questions you need to ask before you purchase.
1. Which Connector Do I Need?
Depending on your set of devices (laptop, mobile, tablet), you’ll need to choose the connector that allows you to use your key in the most places. Here’s a quick description of the four connectors you need to know about:
- USB-A: This is the oldest, most common USB port that you’ve been using for years. Any laptop or computer that wasn’t bought in the last couple years will have USB-A ports.
- USB-C: Newer computers and mobile devices are starting to adopt the USB-C port because it is multi-use and reversible.
- NFC: This stands for “Near Field Communication” and is the technology that will allow you to use a 2FA key with most any mobile device. If you need to log into your accounts on Apple and Android mobile devices, this is important.
- Lightning: The Lightning port is exclusive to Apple devices. If you use an iPhone or iPad, this might be useful.
2. Which Accounts Will I Use the 2FA Key For?
Stop and take note. This is important!
The last thing you want to do is to purchase a key that doesn’t secure all of the accounts that you need to secure.
For example, I use a 2FA key to secure my Wealthfront investment account. Unfortunately, at this time, Wealthfront is not compatible with 2FA keys, so I need the ability to create OTP (one-time passcode). For this reason, the Yubikey 5 NFC is the best option for me.
What is OTP (One Time Passcode)?
Another way to ask this question is to find out how often you log into your secure accounts on your mobile device versus your laptop.
- If most of the accounts are accessed from your desktop computer, then the Yubikey Bio is an excellent option.
- If most of the accounts are accessed from your mobile device, then the Yubikey 5 NFC is a better key.
- If most of the accounts you want to secure don’t require OTP, then the Security Key is a budget-friendly option.
To help you choose, you can always use the Works with Yubikey tool to determine compatibility.
3. What is my Threat Model?
The final question you should ask yourself is related to your threat model.
In other words, what is your level of paranoia and how secure do you really want to make your online accounts?
Using something like the Yubikey Bio, which not only offers 2FA key encryption but also the ability to add biometric authentication (your fingerprint), adds a high level of security.
But the security protocol for the Security Key and the Yubikey 5 NFC are the same, so it’s not that the other keys are “less secure”, it just means that they don’t offer that additional layer of security.
It’s really the difference between 2FA and MFA. Which fits your threat model?
Which Yubikey Should I Choose?
The decision is ultimately up to you based on how you answer the three questions above.
You should know, however, that all three keys offer excellent security, and the fact that you are even using a 2FA keys puts you head and shoulders above the general online population!
In other words, don’t stress over the security of the 2FA key. Just focus on which one is compatible with your devices, your accounts and your personal threat model.
Be sure to subscribe to the All Things Secured YouTube channel!