How many passwords do you have? How many sites do you use each of your passwords for? Information Today research estimates over half of all adults have five or more unique passwords, while one in three adults have 10 or more unique passwords that have to be remembered.
This particular study was from 2012. I’d wager that most of us use many more passwords today than we did just six years ago. With the risk of your accounts being hacked increasing, you might be wary – you might not even trust an online password manager.
If you struggle with remembering all of your passwords and want to make sure you are managing passwords and protecting your accounts, you might want to consider a hardware token.
What is a hardware token?
This piece of hardware is a physical device, similar to a USB drive, that lets you gain access to an electronically restricted resource. It’s actually a simple two-factor authentication source.
Once your account is set up to accept the hardware token, you log in to the account with your user ID and password. You’ll be asked to insert the hardware token into the device, which gives you access to your account. It’s another layer of protection and authentication.
Hardware tokens have been on the market since 2002. Although many use the USB port on your device, Bluetooth tokens and smart cards are other types of hardware tokens. Setting up a hardware token is fairly easy. You can use your hardware token with most websites that have two-factor authorization.
The challenges with hardware tokens is that they are very easy to lose and can easily be stolen. That’s a pretty significant downside.
The YubiKey, one of the current offerings on the market, costs about $50. It could be expensive to have a hardware token for everyone in your organization. Google Titan, another brand of hardware key, costs about the same.
Some argue that not everyone needs this much security, but those people probably have never been hacked. If it protects your accounts, it might be worth taking a look.
September 17, 2019 at 9:54 am
Just getting app developers and web developers to support the native biometrics for sign-in on our mobile devices would be a breakthrough. It’s remarkable how many major entities in both categories still have not enabled this functionality. I am serious about security. I was criticized by a large group of lazy users who didn’t want to deal its hardware tokens years ago. Two factor is too slow for some daily log ins like shopping on Amazon, but using facial ID is better than dealing with the password managers on mobile devices.